CVE-2024-52892

6.1 MEDIUM

📋 TL;DR

IBM Jazz for Service Management versions 1.1.3 through 1.1.3.23 contain a cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to inject malicious JavaScript into the web interface. This could lead to session hijacking, credential theft, or other malicious actions within trusted user sessions. Organizations running affected versions of IBM Jazz for Service Management are vulnerable.

💻 Affected Systems

Products:
  • IBM Jazz for Service Management
Versions: 1.1.3 through 1.1.3.23
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments of affected versions are vulnerable regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers steal administrator credentials, gain full system access, and compromise the entire service management infrastructure.

🟠 Likely Case

Attackers steal user session cookies or credentials, leading to unauthorized access to service management data and functions.

🟢 If Mitigated

With proper input validation and output encoding, the attack fails to execute malicious scripts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

XSS vulnerabilities typically have low exploitation complexity, especially when unauthenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.1.3.24 or later

Vendor Advisory: https://www.ibm.com/support/pages/node/7182508

Restart Required: Yes

Instructions:

1. Download the fix from IBM Fix Central.
2. Apply the fix according to IBM documentation.
3. Restart the Jazz for Service Management application.

🔧 Temporary Workarounds

Implement WAF with XSS Protection

Applies to: all

Deploy a web application firewall configured to block XSS payloads.

Content Security Policy

Applies to: all

Implement strict Content Security Policy headers to restrict script execution.

🧯 If You Can't Patch

  • Isolate the application behind a reverse proxy with XSS filtering.
  • Restrict network access to only trusted users and networks.

🔍 How to Verify

Check if Vulnerable:

Check the installed version; releases 1.1.3 through 1.1.3.23 are affected.

Check Version:

Read the version from the Jazz for Service Management administration interface or its configuration files.

Verify Fix Applied:

Confirm the version reported is 1.1.3.24 or later after applying the patch.

📡 Detection & Monitoring

Log Indicators:

  • Unusual JavaScript payloads in HTTP requests
  • Multiple failed XSS attempts

Network Indicators:

  • HTTP requests containing script tags or JavaScript payloads

SIEM Query:

Search web server and reverse proxy logs for requests whose URL-decoded parameters contain patterns such as <script>, javascript:, or eval(); decode before matching, since probes are commonly percent-encoded, sometimes more than once, and vary letter case.
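A worked version of that SIEM search, added here as an example and not part of the advisory: it parses common/combined-format access log lines, URL-decodes the request path (repeatedly, so double-encoded probes are caught), matches the advisory's three indicator patterns case-insensitively, and counts hits per source so that "multiple failed XSS attempts" from one address can be surfaced. The log lines and /jazz paths are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Indicator patterns from the advisory's SIEM guidance, applied to the
# URL-decoded request path case-insensitively (probes vary case and encoding).
XSS_PATTERNS = re.compile(r"<\s*script|javascript\s*:|\beval\s*\(", re.IGNORECASE)

# Common/combined access log: ip ident user [ts] "METHOD path PROTO" status size
LOG_LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                      r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')

def decode_fully(s, max_rounds=3):
    """URL-decode repeatedly so a double-encoded '<' (%253C) is still seen."""
    for _ in range(max_rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s

def scan_log(lines):
    """Return (hits, per_ip): hits are (ip, raw_path, matched_pattern)."""
    hits, per_ip = [], Counter()
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not in the expected format; skip rather than crash
        found = XSS_PATTERNS.search(decode_fully(m.group("path")))
        if found:
            hits.append((m.group("ip"), m.group("path"), found.group(0).lower()))
            per_ip[m.group("ip")] += 1
    return hits, per_ip

def repeat_offenders(per_ip, threshold=3):
    """Sources with several hits: the 'multiple attempts' indicator above."""
    return sorted(ip for ip, n in per_ip.items() if n >= threshold)

# Constructed sample lines (not real traffic); the /jazz paths are hypothetical.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jan/2025:10:00:01 +0000] "GET /jazz/ui/search?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 512',
    '203.0.113.5 - - [10/Jan/2025:10:00:02 +0000] "GET /jazz/ui/search?q=%253Cscript%253E HTTP/1.1" 200 512',
    '203.0.113.5 - - [10/Jan/2025:10:00:03 +0000] "GET /jazz/ui/page?u=JaVaScRiPt:void(0) HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Jan/2025:10:00:04 +0000] "GET /jazz/ui/search?q=printer+status HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Jan/2025:10:00:05 +0000] "GET /jazz/ui/search?q=eval%28x%29 HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    hits, per_ip = scan_log(SAMPLE_LOG)
    print(hits, repeat_offenders(per_ip))
```

Treat matches as triage leads rather than proof of exploitation: legitimate content can contain these tokens, and a successful attack against the affected versions may not appear in the request line at all when the payload arrives in a body or a stored field.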

🔗 References
