IBM Operational Decision Manager
By the Year
In 2024 there have been 2 vulnerabilities in IBM Operational Decision Manager with an average score of 9.3 out of ten. Operational Decision Manager did not have any published security vulnerabilities last year. That is, 2 more vulnerabilities have already been reported in 2024 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 2 | 9.30 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 9.10 |
It may take a day or so for new Operational Decision Manager vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Operational Decision Manager Security Vulnerabilities
IBM Operational Decision Manager 8.10.3 could
CVE-2024-22320
8.8 - High
- February 02, 2024
IBM Operational Decision Manager 8.10.3 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of SYSTEM. IBM X-Force ID: 279146.
Marshaling, Unmarshaling
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, 8.11.1 and 8.12.0.1 is susceptible to remote code execution attack
CVE-2024-22319
9.8 - Critical
- February 02, 2024
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, 8.11.1 and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145.
Injection
IBM Operational Decision Management 8.5
CVE-2018-1821
9.1 - Critical
- December 13, 2018
IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150170.
XXE
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Operational Decision Manager or by IBM? Click the Watch button to subscribe.
