June 19, 2020
On June 5, Beijing time, IBM released a security advisory announcing a fix for a remote code execution vulnerability (CVE-2020-4450) in WebSphere Application Server (WAS). The vulnerability stems from deserialization over the IIOP protocol. An unauthenticated attacker could target a WAS server remotely via IIOP and execute arbitrary code on it, gaining system privileges and taking control of the server. The vulnerability has a CVSS score of 9.8 and is therefore rated high-risk.
WebSphere Application Server is enterprise-ready web middleware that is widely used for enterprise web services thanks to its reliability, flexibility, and robustness. Because this vulnerability has an extensive impact, affected users should take preventive measures as soon as possible.
WebSphere Application Server Remote Code Execution Vulnerability (CVE-2020-4276 and CVE-2020-4362) Threat Alert
April 17, 2020
IBM released security advisories announcing fixes for two remote code execution vulnerabilities (CVE-2020-4276 and CVE-2020-4362) in WebSphere Application Server.
The two vulnerabilities exist when WebSphere uses token-based authentication for an admin request over the SOAP connector.
By sending a maliciously crafted request to the WebSphere SOAP connector, an attacker could execute arbitrary code on an affected server without authorization.
October 14, 2019
On September 18, 2019, IBM officially released a security bulletin disclosing an arbitrary file read vulnerability (CVE-2019-4505) in WebSphere (web service deployment middleware), which allows remote attackers to read sensitive files on the server via a crafted URL. An attacker could view any file in a certain directory, which may aid in further attacks.