Cyber Resilience

CVE-2024-41767

High

Published: 04 January 2025
Modified: 21 March 2025
CVSS Score v3.1: 7.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
EPSS Score: 0.0015 (35.4th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-41767 is a high-severity SQL injection (CWE-89) vulnerability in IBM Engineering Lifecycle Optimization - Publishing. Its CVSS base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). Its EPSS score places it at the 35.4th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-41767 is a SQL injection vulnerability (CWE-89) in IBM Engineering Lifecycle Optimization - Publishing versions 7.0.2 and 7.0.3. Published on 2025-01-04, it carries a CVSS v3.1 base score of 7.3 (High: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), indicating that it is reachable over the network with low attack complexity and requires neither privileges nor user interaction.

A remote attacker could exploit this by sending specially crafted SQL statements to the application, potentially viewing, adding, modifying, or deleting information in the back-end database. Because no privileges or user interaction are needed, an unauthenticated attacker can cause low impact on confidentiality, integrity, and availability (C:L/I:L/A:L) with no change of scope (S:U).

The IBM security advisory at https://www.ibm.com/support/pages/node/7180199 provides details on patches and mitigation steps.

Vulnerability details

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

SQL injection in a public-facing IBM application directly enables unauthenticated remote exploitation of that application (T1190).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-41763 (same product: IBM Engineering Lifecycle Optimization - Publishing)
CVE-2024-41766 (same product: IBM Engineering Lifecycle Optimization - Publishing)
CVE-2025-13855 (same product: Linux Linux Kernel)
CVE-2026-8855 (same product: Linux Linux Kernel)
CVE-2024-38337 (same product: Linux Linux Kernel)
CVE-2026-8834 (same product: Linux Linux Kernel)
CVE-2024-54171 (same product: Linux Linux Kernel)
CVE-2025-13214 (same product: Linux Linux Kernel)
CVE-2024-49781 (same product: Linux Linux Kernel)
CVE-2025-57870 (same product: Linux Linux Kernel)

Affected Assets

Vendor: IBM
Product: Engineering Lifecycle Optimization - Publishing
Versions: 7.0.2, 7.0.3

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent)
Directly prevents SQL injection by requiring validation of all user inputs before they are processed in database queries.

SI-2 Flaw Remediation (prevent)
Requires timely remediation of known flaws like this SQL injection vulnerability through patching as provided in the IBM advisory.

SC-7 Boundary Protection (prevent)
Boundary protection with web application firewalls can inspect traffic and block specially crafted SQL injection payloads.