CVE-2024-39752
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-10

Last updated on: 2025-07-23

Assigner: IBM Corporation

Description
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could be vulnerable to malicious file upload by not validating the type of file uploaded to Explore Content. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing further attacks.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-10
Last Modified
2025-07-23
Generated
2026-05-27
AI Q&A
2025-07-10
EPSS Evaluated
2026-05-25
NVD
CVE-2024-39752
EUVD
EUVD-2024-54769
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ibm analytics_content_hub From 2.0 (inc) to 2.4 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in IBM Analytics Content Hub versions 2.0 to 2.3 allows attackers to upload malicious executable files because the system does not properly validate the type of files uploaded to the Explore Content feature. This can enable attackers to introduce harmful files into the system.


How can this vulnerability impact me? :

The vulnerability can lead to attackers uploading malicious executable files, which can then be used to perform further attacks on the system or its users. This can compromise the confidentiality, integrity, and availability of the affected system.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart