Cyber Resilience

CVE-2024-39752

Medium

Published: 10 July 2025

Published
10 July 2025
Modified
23 July 2025
KEV Added
Patch
CVSS Score v3.1 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0019 40.8th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-39752 is a medium-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in Ibm Analytics Content Hub. Its CVSS base score is 6.8 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 40.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-3 (Malicious Code Protection).

Deeper analysis

IBM Analytics Content Hub versions 2.0, 2.1, 2.2, and 2.3 are affected by CVE-2024-39752, a vulnerability stemming from inadequate validation of file types uploaded via the Explore Content feature. This unrestricted upload of files with dangerous types (CWE-434) enables attackers to introduce malicious executable files into the system. The issue has a CVSS v3.1 base score of 6.8 (AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H), rated as medium severity.

Exploitation requires high privileges (PR:H), such as those held by authenticated administrators or privileged users, along with network access and low attack complexity. User interaction is necessary, typically involving a victim opening or executing the uploaded malicious file. Successful exploitation allows attackers to upload executables that can be distributed to other users, enabling further attacks like remote code execution with high impacts on confidentiality, integrity, and availability.

IBM has published a security advisory at https://www.ibm.com/support/pages/node/7234122 detailing the vulnerability, affected versions, and recommended mitigations or patches. Security practitioners should consult this resource for specific remediation steps.

EU & UK References

Vulnerability details

IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could be vulnerable to malicious file upload by not validating the type of file uploaded to Explore Content. Attackers can make use of this weakness and upload malicious executable files into…

more

the system, and it can be sent to victim for performing further attacks.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1204.002 Malicious File Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
Why these techniques?

Unrestricted file upload (CWE-434) in a network-accessible app directly enables exploitation of a public-facing application (T1190) to place malicious executables that victims then execute (T1204.002).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-39750Same product: Ibm Analytics Content Hub
CVE-2024-38327Same product: Ibm Analytics Content Hub
CVE-2024-40693Same vendor: Ibm
CVE-2024-25034Same vendor: Ibm
CVE-2025-13689Same vendor: Ibm
CVE-2025-33015Same vendor: Ibm
CVE-2023-49886Same vendor: Ibm
CVE-2026-9170Same vendor: Ibm
CVE-2026-8175Same vendor: Ibm
CVE-2026-7876Same vendor: Ibm

Affected Assets

ibm
analytics content hub
2.0 — 2.4

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly enforces validation of file types and content on uploads to the Explore Content feature, blocking dangerous executable files at the root of CWE-434.

preventdetect

Requires malicious-code scanning and blocking mechanisms that would identify and reject executable payloads uploaded via the vulnerable interface.

preventdetect

Mandates integrity verification of uploaded information, providing a secondary control to detect or reject unauthorized executable files before they are stored or distributed.

References