CVE-2024-22332

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 9, 2024
Updated: Apr 3, 2024
CWE ID 400

Summary

CVE-2024-22332 is a newly disclosed vulnerability affecting the AdminAPI component of IBM Integration Bus for z/OS versions 10.1 through 10.1.0.2. It allows an attacker to cause a denial of service by exhausting the file system, and was reported by IBM X-Force under ID 279972. By manipulating specific requests to the AdminAPI, an attacker can trigger excessive file creation or deletion until the file system can no longer accommodate new files, denying service to legitimate users. IBM urges users to apply the available patch to mitigate this risk.

Affected Products

  • IBM Integration Bus

Affected Vendors

  • IBM Corporation