Cyber Posture

CVE-2024-52363

Severity: Medium
Published: 17 January 2025
Modified: 11 March 2025
KEV Added: not listed
CVSS Score: 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0006 (17.4th percentile)
Risk Priority: 13 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-52363 is a medium-severity Path Traversal (CWE-22) vulnerability in IBM InfoSphere Information Server. Its CVSS base score is 6.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005). The CVE is ranked at the 17.4th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Data from Local System (T1005) and one other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

- Prevent: Timely application of vendor patches for CVE-2024-52363 directly remediates the directory traversal flaw in IBM InfoSphere Information Server.
- Prevent: Validating URL inputs to reject or sanitize dot-dot sequences (/../) prevents exploitation of the directory traversal vulnerability.
- Prevent: Enforcing access control policies ensures logical access to files is restricted to authorized directories, mitigating unauthorized file disclosure via traversal.
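The input-validation control above is easy to get wrong if the check runs on the raw URL string rather than on a canonical path: percent-encoded or double-encoded "dot dot" sequences slip past a naive substring filter. The following is an added example written for this page, not IBM InfoSphere code; it percent-decodes the requested path, normalises the "." and ".." segments, and then confirms the result still lies under an allowed base directory. The base directory and the sample request paths are constructed for the example.

```python
"""Defensive path containment check for directory traversal (CWE-22).

Added example for this page; not IBM InfoSphere Information Server code.
ALLOWED_BASE and SAMPLE_REQUESTS are constructed values.
"""
import posixpath
from typing import Dict, Optional
from urllib.parse import unquote

ALLOWED_BASE = "/srv/app/public"  # constructed: directory the app may serve from


def canonical_path(base: str, requested: str) -> Optional[str]:
    """Return the canonical absolute path of `requested` under `base`,
    or None if the request would escape `base`.

    Order matters: decode first, normalise second, check last, so the
    containment test runs on the same path the file system would open.
    """
    # Decode twice so a double-encoded "%252e%252e" is treated like "..".
    decoded = unquote(unquote(requested))
    # Embedded NUL bytes can truncate the path in lower layers; refuse them.
    if "\x00" in decoded:
        return None
    # Treat the request as relative to base even when it starts with "/".
    relative = decoded.lstrip("/")
    candidate = posixpath.normpath(posixpath.join(base, relative))
    # The real check: after normalisation the path must still share
    # `base` as its common prefix, segment by segment.
    if posixpath.commonpath([base, candidate]) != base:
        return None
    return candidate


# Constructed sample request paths (not captured traffic).
SAMPLE_REQUESTS = [
    "index.html",                  # plain file under base: allowed
    "docs/../docs/guide.pdf",      # ".." that stays inside base: allowed
    "../../etc/passwd",            # literal traversal: rejected
    "%2e%2e/%2e%2e/etc/passwd",    # percent-encoded traversal: rejected
    "%252e%252e/etc/passwd",       # double-encoded traversal: rejected
    "docs/%00.pdf",                # NUL byte injection: rejected
]


def classify(requests) -> Dict[str, Optional[str]]:
    """Map each request path to its resolved path, or None when rejected."""
    return {r: canonical_path(ALLOWED_BASE, r) for r in requests}


if __name__ == "__main__":
    for req, resolved in classify(SAMPLE_REQUESTS).items():
        verdict = "REJECT" if resolved is None else f"ALLOW -> {resolved}"
        print(f"{req!r:32} {verdict}")
```

Two design notes. The check is lexical (it never touches the disk), which makes it deterministic and testable; in a real deployment you would additionally resolve the candidate with `os.path.realpath` and repeat the containment test so that symlinks inside the base cannot point outside it. Rejected requests are also worth logging at the application edge, since repeated decoded `..` sequences against a public-facing server are a cheap, high-signal detection for attempts against this class of flaw.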

MITRE ATT&CK Enterprise Techniques

- T1005 Data from Local System (Collection): Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
- T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

Directory traversal in a public-facing server application directly enables remote arbitrary file read (T1005) via exploitation of the exposed application (T1190).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.

Deeper analysis

CVE-2024-52363 is a directory traversal vulnerability (CWE-22) in IBM InfoSphere Information Server 11.7. Published on 2025-01-17, it enables a remote attacker to navigate directories on the system by sending a specially crafted URL request with "dot dot" sequences (/../), allowing access to arbitrary files.

The vulnerability carries a CVSS v3.1 base score of 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). A remote attacker with low privileges can exploit it over the network with low complexity and no user interaction required, resulting in high confidentiality impact through unauthorized file disclosure, while integrity and availability remain unaffected.

IBM has issued an advisory at https://www.ibm.com/support/pages/node/7176515 detailing the issue, where practitioners can review recommended patches and mitigation guidance.

Details

CWE(s): CWE-22 (Path Traversal)

Affected Products: IBM InfoSphere Information Server 11.7

CVEs Like This One

- CVE-2025-14974 (same product: IBM AIX)
- CVE-2025-36258 (same product: IBM AIX)
- CVE-2024-7577 (same product: IBM AIX)
- CVE-2024-51459 (same product: IBM AIX)
- CVE-2024-49781 (same product: Linux Kernel)
- CVE-2024-54171 (same product: Linux Kernel)
- CVE-2025-52452 (same product: Linux Kernel)
- CVE-2026-0704 (same product: Linux Kernel)
- CVE-2025-13855 (same product: IBM AIX)
- CVE-2024-38337 (same product: IBM AIX)
