CVE-2024-45076 (CVSS 9.9): Critical Flaw in IBM webMethods Integration Demands Immediate Action

Summary: IBM has issued a critical security advisory for its webMethods Integration Server, highlighting multiple vulnerabilities that could allow authenticated users to execute arbitrary commands and escalate privileges. These vulnerabilities, particularly severe in version 10.15, pose significant risks to organizations if not addressed promptly.

Threat Actor: Unknown | unknown
Victim: Organizations using IBM webMethods Integration Server | IBM webMethods Integration Server

Key Points:

  • Multiple vulnerabilities in IBM webMethods Integration Server version 10.15 allow authenticated users to execute arbitrary commands and escalate privileges.
  • CVE-2024-45076 (CVSS 9.9) enables file upload and execution on the server, posing a severe risk of data breaches and system compromise.
  • CVE-2024-45075 (CVSS 8.8) allows creation of scheduler tasks without proper authentication, leading to potential administrative access.
  • CVE-2024-45074 (CVSS 6.5) permits directory traversal, risking unauthorized access to sensitive files.
  • Organizations are urged to apply Corefix 14 immediately to mitigate these vulnerabilities and protect their systems.

IBM has issued a critical security advisory for its webMethods Integration Server, revealing multiple vulnerabilities that could allow authenticated users to execute arbitrary commands, escalate privileges, and access sensitive files. The vulnerabilities, affecting version 10.15 of the software, pose a significant risk, with one vulnerability receiving a CVSS score of 9.9.

Vulnerabilities Explained:

  • CVE-2024-45076 (CVSS 9.9): A high-severity flaw enabling authenticated users to upload and execute malicious files on the underlying operating system. This vulnerability grants attackers significant control over the server, potentially leading to data breaches, service disruptions, or even complete system compromise.
  • CVE-2024-45075 (CVSS 8.8): Another critical issue allows authenticated users to create scheduler tasks without proper authentication, leading to privilege escalation. Attackers could exploit this flaw to gain administrative access, further amplifying their control over the system.
  • CVE-2024-45074 (CVSS 6.5): A medium-severity vulnerability permits authenticated users to traverse directories, potentially accessing sensitive files outside their intended scope. While not as severe as the previous flaws, this vulnerability could still lead to unauthorized data exposure.

Affected Users:

Organizations running IBM webMethods Integration Server version 10.15 are strongly urged to apply the recommended fixes immediately. The potential impact of these vulnerabilities is significant, making prompt action crucial to safeguard your systems and data.

Remediation:

IBM has released Corefix 14 for Integration Server to address these vulnerabilities. Users are advised to download and install this fix using Update Manager as soon as possible. Delaying remediation could leave your systems exposed to serious security risks.

Source: https://securityonline.info/cve-2024-45076-cvss-9-9-critical-flaw-in-ibm-webmethods-integration-demand-immediate-action