CVE-2024-47113 – This XML injection vulnerability in IBM ICP

Q: What is the severity of CVE-2024-47113?

CVE-2024-47113 has a CVSS score of 8.1 (HIGH). This XML injection vulnerability in IBM ICP - Voice Gateway allows remote attackers to send specially crafted XML statements to view or modify information in XML documents. It affects versions 1.0.2 through 1.0.8 of the software. Attackers could potentially manipulate XML data processing to access or alter sensitive information.

📋 TL;DR

This XML injection vulnerability in IBM ICP - Voice Gateway allows remote attackers to send specially crafted XML statements to view or modify information in XML documents. It affects versions 1.0.2 through 1.0.8 of the software. Attackers could potentially manipulate XML data processing to access or alter sensitive information.

💻 Affected Systems

Products:

IBM ICP - Voice Gateway

Versions: 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.7.1, 1.0.8

Operating Systems: Not specified in advisory

Default Config Vulnerable: ⚠️ Yes

Notes: All deployments running affected versions are vulnerable by default. No special configuration required for exploitation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of XML data integrity and confidentiality, allowing attackers to read sensitive information, modify configuration data, or potentially execute arbitrary code through XML manipulation.

🟠

Likely Case

Unauthorized viewing or modification of XML documents, potentially exposing configuration data, user information, or system settings.

🟢

If Mitigated

Limited impact with proper input validation and XML parsing controls in place, potentially preventing successful exploitation.

🌐 Internet-Facing: HIGH - Remote attackers can exploit this vulnerability without authentication, making internet-facing instances particularly vulnerable.

🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this, but network segmentation reduces exposure.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires crafting specific XML payloads but does not require authentication. Attackers need to understand XML injection techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply interim fix or upgrade to version 1.0.8.1 or later

Vendor Advisory: https://www.ibm.com/support/pages/node/7175791

Restart Required: No

Instructions:

1. Review IBM advisory at provided URL. 2. Apply interim fix or upgrade to version 1.0.8.1 or later. 3. Test in non-production environment first. 4. Deploy to production systems.

🔧 Temporary Workarounds

Input Validation Filtering

all

Implement strict input validation to filter or reject XML statements containing potentially malicious content

Network Access Restriction

all

Restrict network access to Voice Gateway instances to only trusted sources using firewall rules

🧯 If You Can't Patch

Implement web application firewall (WAF) rules to block XML injection attempts
Isolate vulnerable systems in segmented network zones with strict access controls

🔍 How to Verify

Check if Vulnerable:

Check IBM ICP - Voice Gateway version via administrative interface or configuration files. Compare against affected version list.

Check Version:

Check version in Voice Gateway administrative console or configuration files (specific command depends on deployment)

Verify Fix Applied:

Verify version is 1.0.8.1 or later. Test XML input handling with safe test payloads.

📡 Detection & Monitoring

Log Indicators:

Unusual XML payloads in request logs
XML parsing errors
Unexpected XML document modifications

Network Indicators:

XML injection patterns in network traffic
Unusual XML content in HTTP requests

SIEM Query:

Search for XML injection patterns in web logs: *xml* AND (*inject* OR *malicious* OR *specially crafted*)

📊 Metadata

CVE ID: CVE-2024-47113

CVSS v3 Score: 8.1 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE: CWE-91

EPSS Score: 0.11% exploit probability (30.2th percentile)

Published: January 18, 2025

Last Updated: August 18, 2025

🔗 References

https://www.ibm.com/support/pages/node/7175791 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-47113, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Voice Gateway by Ibm

Voice Gateway by Ibm

Voice Gateway by Ibm

Voice Gateway by Ibm

Voice Gateway by Ibm

Voice Gateway by Ibm

Voice Gateway by Ibm

Voice Gateway by Ibm

Voice Gateway by Ibm

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Input Validation Filtering

Network Access Restriction

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities