Vulnerabilities in IBM WebSphere Integration Server could let attackers execute commands.



Critical vulnerabilities have been found in IBM webMethods Integration Server that could let attackers execute commands on affected systems. These issues, listed in the Common Vulnerabilities and Exposures (CVE) system, pose serious risks and need urgent attention.

All about the Vulnerability

IBM’s webMethods Integration Server, a widely used platform for connecting and integrating different applications and services, is impacted by three major vulnerabilities. These issues could potentially allow unauthorized access or manipulation of system functions, posing serious security risks.

CVE-2024-45076

The most severe vulnerability identified, CVE-2024-45076, allows an authenticated user to upload and execute any file on the operating system. With a CVSS Base Score of 9.9, this vulnerability is highly critical. It poses a significant risk as it could let attackers execute commands that compromise system security and data integrity.

CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)

Details: An authenticated user can create an OSCommand.cnf file and execute arbitrary commands, potentially gaining full control over the server.

CVE-2024-45075

CVE-2024-45075 is another serious issue with a CVSS Base Score of 8.8. It lets an authenticated user create scheduler tasks and gain administrator-level privileges because of missing authentication checks. This vulnerability can lead to unauthorized access to important system functions.

CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Details: An authenticated user can use the scheduler service to create a new user and give that user administrator privileges with the runAsUser function.
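The weakness behind CVE-2024-45075 is a delegation check that is missing: a user who is allowed to schedule work is not stopped from scheduling it to run as a more privileged principal. The following is an added illustration, not webMethods code and not IBM's API. It models a hypothetical scheduler with a vulnerable `create_scheduled_task_vulnerable` (authentication only) next to a hardened `create_scheduled_task_hardened` that refuses any `run_as` whose effective permissions exceed the requester's. Role names and permissions are constructed for the example.

```python
from dataclasses import dataclass

# Constructed role model for the example (hypothetical, not webMethods roles).
ROLE_PERMISSIONS = {
    "Administrators": frozenset({"manage_users", "run_tasks", "read_config", "write_config"}),
    "Developers": frozenset({"run_tasks", "read_config"}),
    "Auditors": frozenset({"read_config"}),
}


@dataclass(frozen=True)
class User:
    name: str
    roles: frozenset  # set of role names from ROLE_PERMISSIONS


def permissions(user: User) -> frozenset:
    """Effective permissions are the union of the user's role permissions."""
    perms = frozenset()
    for role in user.roles:
        perms |= ROLE_PERMISSIONS.get(role, frozenset())
    return perms


def create_scheduled_task_vulnerable(requester, run_as: User, task_name: str) -> dict:
    """Missing authorization: only checks that someone is logged in, then lets the
    task run as any principal, so a low-privilege user can schedule admin-level work."""
    if requester is None:
        raise PermissionError("authentication required")
    return {"task": task_name, "run_as": run_as.name, "scheduled_by": requester.name}


def create_scheduled_task_hardened(requester, run_as: User, task_name: str) -> dict:
    """Authentication plus two authorization checks:
    1. the requester must hold the permission to schedule tasks at all;
    2. the run-as principal may not hold any permission the requester lacks
       (delegation never grants privilege the caller does not already have)."""
    if requester is None:
        raise PermissionError("authentication required")
    requester_perms = permissions(requester)
    if "run_tasks" not in requester_perms:
        raise PermissionError(f"{requester.name} may not schedule tasks")
    excess = permissions(run_as) - requester_perms
    if excess:
        raise PermissionError(
            f"{requester.name} cannot schedule work as {run_as.name}: "
            f"would gain {sorted(excess)}"
        )
    return {"task": task_name, "run_as": run_as.name, "scheduled_by": requester.name}


def can_escalate(create_fn, requester: User, run_as: User) -> bool:
    """True if `create_fn` lets `requester` schedule a task as `run_as`."""
    try:
        create_fn(requester, run_as, "nightly-export")
        return True
    except PermissionError:
        return False


if __name__ == "__main__":
    dev = User("dev1", frozenset({"Developers"}))
    admin = User("svc-admin", frozenset({"Administrators"}))
    print("vulnerable lets dev run as admin:", can_escalate(create_scheduled_task_vulnerable, dev, admin))
    print("hardened lets dev run as admin:  ", can_escalate(create_scheduled_task_hardened, dev, admin))
```

The check compares permission sets rather than an "is admin" flag, so it also blocks escalation through any intermediate role that happens to carry one extra permission.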

CVE-2024-45074

The third vulnerability, CVE-2024-45074, has a CVSS Base Score of 6.5 and allows directory traversal. An attacker can use specially crafted URL requests with “dot dot” sequences (/../) to access arbitrary files on the system.

While less severe than the other vulnerabilities, it still poses a significant risk by potentially exposing sensitive information.

CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

Details: Even with checkFileRead enabled, an authenticated user can read files outside the designated directories.
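A read-restriction such as the checkFileRead option described above is only as good as the path normalization behind it. As an added example (not IBM's code and not webMethods' implementation), the block below shows the two pieces a defender would want: `resolve_safe_path`, which percent-decodes repeatedly, normalizes `..` segments, resolves symlinks and only then confirms the result stays under a base directory; and `flag_traversal_requests`, which scans constructed access-log lines for dot-dot segments, including double-encoded ones. `BASE_DIR` and the log lines are constructed for the example.

```python
import os
import posixpath
import re
from urllib.parse import unquote

# Constructed base directory for the example (hypothetical path).
BASE_DIR = "/opt/app/public"

# Matches the request target in a common-log-format line (constructed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|PUT|HEAD|DELETE) (\S+) HTTP/\d\.\d"')


def fully_decode(value: str, max_rounds: int = 3) -> str:
    """Percent-decode until stable so %2e%2e and double-encoded %252e both become '..'."""
    for _ in range(max_rounds):
        nxt = unquote(value)
        if nxt == value:
            break
        value = nxt
    return value


def resolve_safe_path(base_dir: str, requested: str):
    """Return the canonical absolute path for `requested` if it stays inside
    `base_dir`, otherwise None. Rejects NUL bytes and backslashes, collapses
    '.' and '..' lexically, then re-checks after symlink resolution."""
    decoded = fully_decode(requested)
    if "\x00" in decoded or "\\" in decoded:
        return None
    relative = posixpath.normpath(decoded.lstrip("/"))
    if relative == ".." or relative.startswith("../") or posixpath.isabs(relative):
        return None
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, relative))
    # commonpath (not startswith) so that /opt/app/public2 is not accepted as inside /opt/app/public
    if os.path.commonpath([base, candidate]) != base:
        return None
    return candidate


def flag_traversal_requests(log_lines):
    """Return the log lines whose decoded request path contains a '..' segment."""
    flagged = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        path = fully_decode(match.group(1)).split("?", 1)[0].replace("\\", "/")
        if ".." in path.split("/"):
            flagged.append(line)
    return flagged


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - alice [09/Sep/2024:10:01:02 +0000] "GET /docs/readme.txt HTTP/1.1" 200 512',
    '10.0.0.7 - bob [09/Sep/2024:10:01:09 +0000] "GET /docs/%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 200 1843',
    '10.0.0.9 - carol [09/Sep/2024:10:02:15 +0000] "GET /docs/..%252f..%252fconfig.cnf HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for req in ["/docs/readme.txt", "/docs/../../etc/passwd", "%2e%2e/%2e%2e/etc/passwd"]:
        print(f"{req!r:40} -> {resolve_safe_path(BASE_DIR, req)}")
    for line in flag_traversal_requests(SAMPLE_LOG):
        print("traversal attempt:", line)
```

The realpath step matters even when the lexical check passes: a symlink inside the base directory pointing outside it would otherwise be served.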

Affected Products and Versions:

  • IBM webMethods Integration Server version 10.15 is affected.
  • Organizations using this version should:
    • Assess their systems.
    • Apply necessary patches to address the vulnerabilities.

Recommendations:

  • IBM advises prompt action to address these vulnerabilities.
  • Users should apply all available patches and updates.
  • Review access controls and authentication mechanisms to prevent unauthorized access and privilege escalation.


Published September 9th, 2024 (2024-09-10T02:34:17+05:30) | Tips, vulnerability

About the Author:

FirstHackersNews - Identifies Security
