CVE-2024-31903
Published: 22 January 2025
Summary
CVE-2024-31903 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in IBM Sterling B2B Integrator. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 4.7% of CVEs by exploit likelihood, and it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
IBM Sterling B2B Integrator Standard Edition versions 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 contain a deserialization of untrusted data flaw tracked as CVE-2024-31903 and CWE-502. The issue enables an adjacent-network attacker to supply malicious serialized objects that the application processes without sufficient validation, leading directly to arbitrary code execution on the host.
An unauthenticated attacker positioned on the same local network can exploit the vulnerability without user interaction. Successful exploitation grants full control over the affected system, resulting in complete compromise of confidentiality, integrity, and availability as reflected in the CVSS 3.1 score of 8.8.
The IBM advisory published at https://www.ibm.com/support/pages/node/7172233 details available patches and mitigation steps for the listed releases. The associated EPSS score has remained stable at 0.1819 with no material increase observed after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-29761
Vulnerability details
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data.
- CWE(s): CWE-502 (Deserialization of Untrusted Data)
Related Threats
MITRE ATT&CK Enterprise Techniques
- Exploit Public-Facing Application (T1190)
Why these techniques?
Deserialization of untrusted data (CWE-502) directly enables unauthenticated remote code execution over the network on the vulnerable application.
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): applying the vendor patches directly mitigates CVE-2024-31903 by fixing the deserialization of untrusted data vulnerability.
- SI-10 (Information Input Validation): checking and sanitizing untrusted data before deserialization prevents arbitrary code execution from malicious serialized inputs.
- SC-7 (Boundary Protection): limiting adjacent-network access to the vulnerable IBM Sterling B2B Integrator system removes the attacker's prerequisite of network proximity.