漏洞描述 IBM Operational Decision Manager8.10.3、8.10.4、8.10.5.1、8.11、8.11.0.1和8.12.0.1在向某个API传递未经检查的参数时,容易受到通过JNDI注入的远程代码执行攻击。IBMX-Force ID:279145。
相关漏洞推荐 POC CVE-2024-22319: IBM Operational Decision Manager - JNDI Injection POC CVE-2024-22320: IBM Operational Decision Manager - Java Deserialization POC CVE-2024-22320: IBM Operational Decision Manager - Java Deserialization IBM Operational Decision Manager CVE-2024-22320 代码执行漏洞