Cyber Resilience

CVE-2024-47113

High

Published: 18 January 2025

Published: 18 January 2025
Modified: 18 August 2025
CVSS Score v3.1: 8.1 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)
EPSS Score: 0.0025 (48.9th percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-47113 is a high-severity XML Injection (aka Blind XPath Injection, CWE-91) vulnerability in IBM Voice Gateway. Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 48.9th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-47113 is an XML injection vulnerability (CWE-91) affecting IBM ICP Voice Gateway versions 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.7.1, and 1.0.8. It enables a remote attacker to send specially crafted XML statements, allowing them to view or modify information within the XML document. The vulnerability carries a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N), indicating high severity due to its network accessibility, low attack complexity, and significant impacts on confidentiality and integrity.

An attacker with low privileges (PR:L) can exploit this vulnerability remotely over the network without requiring user interaction. Successful exploitation allows the attacker to read sensitive data or alter XML content, potentially leading to unauthorized data exposure or manipulation within the affected Voice Gateway component.

The IBM security advisory at https://www.ibm.com/support/pages/node/7175791 provides details on mitigation, including available patches and recommended actions for affected versions.

Vulnerability details

IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.7.1, and 1.0.8 could allow a remote attacker to send specially crafted XML statements, which would allow them to view or modify information in the XML document.

CWE(s)

CWE-91 XML Injection (aka Blind XPath Injection)

Related Threats

MITRE ATT&CK Enterprise Techniques [AI]

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

XML injection in a network-accessible Voice Gateway component directly enables remote exploitation of a public-facing application to view or modify data.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-8633 (same vendor: IBM)
CVE-2025-0159 (same vendor: IBM)
CVE-2023-49886 (same vendor: IBM)
CVE-2026-1343 (same vendor: IBM)
CVE-2026-8620 (same vendor: IBM)
CVE-2024-39750 (same vendor: IBM)
CVE-2026-9170 (same vendor: IBM)
CVE-2026-3366 (same vendor: IBM)
CVE-2026-8175 (same vendor: IBM)
CVE-2025-36379 (same vendor: IBM)

Affected Assets

IBM Voice Gateway: 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5

Mitigating Controls

NIST 800-53 r5 [AI]

prevent · SI-10 Information Input Validation
Directly prevents XML injection attacks by implementing input validation mechanisms at XML processing entry points to reject specially crafted statements.

prevent · SI-2 Flaw Remediation
Mitigates the vulnerability by identifying, reporting, and applying vendor-provided patches to remediate the flawed XML processing in affected IBM ICP Voice Gateway versions.

prevent
Complements input validation by enforcing restrictions on XML inputs at system boundaries to block unauthorized or malformed content.
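As an added illustration of the CWE-91 pattern described above and of the SI-10 input-validation control (constructed example code, not IBM's or the Voice Gateway's): a record assembled by string concatenation lets markup inside a field change the document's structure, whereas allowlist validation at the entry point plus library-built XML keeps every field as data. The field names, identifier format and role allowlist are assumptions made for the example.

```python
import re
import xml.etree.ElementTree as ET

def build_record_unsafe(user: str, role: str) -> str:
    # Vulnerable pattern (CWE-91): untrusted text is spliced into XML markup,
    # so markup characters in the input alter the document structure.
    return f"<record><user>{user}</user><role>{role}</role></record>"

# Assumed allowlists for the structured fields (not from the advisory).
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,64}")
ALLOWED_ROLES = frozenset({"agent", "supervisor"})

def build_record_safe(user: str, role: str, note: str) -> str:
    # Hardened form in the spirit of NIST SI-10: reject structured fields that
    # fail an allowlist, then let the XML library build the tree so that any
    # special characters in free text are escaped instead of parsed as markup.
    if not USERNAME_RE.fullmatch(user):
        raise ValueError("invalid user identifier")
    if role not in ALLOWED_ROLES:
        raise ValueError("invalid role")
    record = ET.Element("record")
    ET.SubElement(record, "user").text = user
    ET.SubElement(record, "role").text = role
    ET.SubElement(record, "note").text = note  # free text, escaped on output
    return ET.tostring(record, encoding="unicode")

def accepts(user: str, role: str, note: str) -> bool:
    # Returns whether the hardened builder accepts the input (for checks).
    try:
        build_record_safe(user, role, note)
        return True
    except ValueError:
        return False

def role_of(xml_text: str) -> str:
    # Consumer side: the role a downstream component would read from the record.
    return ET.fromstring(xml_text).findtext("role")

def note_of(xml_text: str) -> str:
    return ET.fromstring(xml_text).findtext("note")
```

The contrast to look for: the unsafe builder yields a well-formed document whose first role element is the one the caller injected, while the hardened builder either rejects the value or serialises it as escaped text.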

References