CVE-2024-47113
Published: 18 January 2025
Summary
CVE-2024-47113 is a high-severity aka Blind XPath Injection (CWE-91) vulnerability in Ibm Voice Gateway. Its CVSS base score is 8.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 48.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-47113 is an XML injection vulnerability (CWE-91) affecting IBM ICP Voice Gateway versions 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.7.1, and 1.0.8. It enables a remote attacker to send specially crafted XML statements, allowing them to view or modify information within the XML document. The vulnerability carries a CVSS v3.1 base score of 8.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N), indicating high severity due to its network accessibility, low attack complexity, and significant impacts on confidentiality and integrity.
An attacker with low privileges (PR:L) can exploit this vulnerability remotely over the network without requiring user interaction. Successful exploitation allows the attacker to read sensitive data or alter XML content, potentially leading to unauthorized data exposure or manipulation within the affected Voice Gateway component.
The IBM security advisory at https://www.ibm.com/support/pages/node/7175791 provides details on mitigation, including available patches and recommended actions for affected versions.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-42873
Vulnerability details
IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6. 1.0.7, 1.0.7.1, and 1.0.8 could allow remote attacker to send specially crafted XML statements, which would allow them to attacker to view or modify information in the XML document.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
XML injection in a network-accessible Voice Gateway component directly enables remote exploitation of a public-facing application to view or modify data.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly prevents XML injection attacks by implementing input validation mechanisms at XML processing entry points to reject specially crafted statements.
Mitigates the vulnerability by identifying, reporting, and applying vendor-provided patches to remediate the flawed XML processing in affected IBM ICP Voice Gateway versions.
Complements input validation by enforcing restrictions on XML inputs at system boundaries to block unauthorized or malformed content.