{"vulnerability": "CVE-2024-49348", "sightings": [{"uuid": "fdcd614d-1523-4006-bf9f-9b9d8869d2e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49348", "type": "seen", "source": "https://t.me/cvedetector/17290", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49348 - IBM Cloud Pak for Business Automation Comment Reassignment Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49348 \nPublished : Feb. 5, 2025, 12:15 p.m. | 1\u00a0hour, 38\u00a0minutes ago \nDescription : IBM Cloud Pak for Business Automation\u00a018.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2   \n  \n  \n  \nallows restricting access to organizational data to valid contexts. The fact that tasks of type comment can be reassigned via API implicitly grants access to user queries in an unexpected context. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T14:58:14.000000Z"}, {"uuid": "78aed04f-625c-41b4-bd1e-9f42a09361bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49348", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5047", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49348\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: IBM Cloud Pak for Business Automation\u00a018.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 \n\n\n\nallows restricting access to organizational data to valid contexts. The fact that tasks of type comment can be reassigned via API implicitly grants access to user queries in an unexpected context.\n\ud83d\udccf Published: 2025-02-05T11:30:05.572Z\n\ud83d\udccf Modified: 2025-02-22T21:00:11.012Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7182403", "creation_timestamp": "2025-02-22T21:25:47.000000Z"}, {"uuid": "54196236-a48f-4581-8fcb-c75a6a518c3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49348", "type": "seen", "source": "Telegram/R0F4UdC5RSv_-gpuOoo9xbGntHsb3gyul_vQSZuZsoHz07_9", "content": "", "creation_timestamp": "2025-02-06T02:43:28.000000Z"}, {"uuid": "aa777dbe-0e33-478d-804f-4b2ab3384b71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49348", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113951067139075642", "content": "", "creation_timestamp": "2025-02-05T11:34:57.452572Z"}, {"uuid": "889a2643-7d62-49b6-8788-8bfd05ec618d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49348", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhgyrvs6te24", "content": "", "creation_timestamp": "2025-02-05T16:33:36.297691Z"}, {"uuid": "1458edfb-aa61-4527-b135-54082f0e090e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49348", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhgkfgvy3r2j", "content": "", "creation_timestamp": "2025-02-05T12:16:05.018008Z"}]}