CVE-2024-43192 MEDIUM

CVE-2024-43192: IBM Storage TS4500 Library cross-site request forgery

Vendor Ibm

Product Storage TS4500 Library

Weakness CWE-352 · CSRF

Published September 27, 2025

Last update September 29, 2025

View on NVD All CVEs

CVSS base score

6.5/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality None

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

What the vulnerability does

01Description

IBM Storage TS4500 Library 1.11.0.0 and 2.11.0.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

Key dates

02Disclosure timeline

September 27, 2025 CVE published

September 29, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-43192 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2023-46776 WordPress Auto Excerpt everywhere Plugin <= 1.5 is vulnerable to Cross Site Request Forgery (CSRF) CVE-2024-35632 WordPress Integration for Constant Contact and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability CVE-2025-26963 WordPress ClickWhale plugin <= 2.4.3 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability CVE-2025-32661 WordPress Interactive US Map plugin <= 2.7 - CSRF to Stored XSS vulnerability CVE-2025-31474 WordPress WP Database Optimizer plugin <= 1.2.1.3 - Cross Site Request Forgery (CSRF) Vulnerability

Identifiers

CVE CVE-2024-43192

CWE CWE-352

CVSS 6.5 / MEDIUM

Affected versions

Vendor Ibm

Product Storage TS4500 Library

Affected 1.11.0.0

Vendor Ibm

Product Storage TS4500 Library

Affected 2.11.0.0