CVE-2024-39752
Published: 10 July 2025
Summary
CVE-2024-39752 is a medium-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in Ibm Analytics Content Hub. Its CVSS base score is 6.8 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 40.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-3 (Malicious Code Protection).
Deeper analysis
IBM Analytics Content Hub versions 2.0, 2.1, 2.2, and 2.3 are affected by CVE-2024-39752, a vulnerability stemming from inadequate validation of file types uploaded via the Explore Content feature. This unrestricted upload of files with dangerous types (CWE-434) enables attackers to introduce malicious executable files into the system. The issue has a CVSS v3.1 base score of 6.8 (AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H), rated as medium severity.
Exploitation requires high privileges (PR:H), such as those held by authenticated administrators or privileged users, along with network access and low attack complexity. User interaction is necessary, typically involving a victim opening or executing the uploaded malicious file. Successful exploitation allows attackers to upload executables that can be distributed to other users, enabling further attacks like remote code execution with high impacts on confidentiality, integrity, and availability.
IBM has published a security advisory at https://www.ibm.com/support/pages/node/7234122 detailing the vulnerability, affected versions, and recommended mitigations or patches. Security practitioners should consult this resource for specific remediation steps.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-54769
Vulnerability details
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could be vulnerable to malicious file upload by not validating the type of file uploaded to Explore Content. Attackers can make use of this weakness and upload malicious executable files into…
more
the system, and it can be sent to victim for performing further attacks.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Unrestricted file upload (CWE-434) in a network-accessible app directly enables exploitation of a public-facing application (T1190) to place malicious executables that victims then execute (T1204.002).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly enforces validation of file types and content on uploads to the Explore Content feature, blocking dangerous executable files at the root of CWE-434.
Requires malicious-code scanning and blocking mechanisms that would identify and reject executable payloads uploaded via the vulnerable interface.
Mandates integrity verification of uploaded information, providing a secondary control to detect or reject unauthorized executable files before they are stored or distributed.