Critical IBM webMethods Vulnerabilities Let Attackers Execute Arbitrary Commands

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer


IBM has disclosed multiple critical vulnerabilities in its webMethods Integration Server, potentially allowing attackers to execute arbitrary commands on affected systems.

These vulnerabilities, identified in version 10.15 of the software, pose a severe risk to organizations using this platform for integration and API management.

The most severe of these vulnerabilities, CVE-2024-45076, has been assigned a CVSS base score of 9.9, indicating its critical nature. This vulnerability allows an authenticated user to upload and execute arbitrary files on the underlying operating system.

The potential for exploitation is high, given the low attack complexity and the absence of any required user interaction. The impact on confidentiality, integrity, and availability is rated as high, making it imperative for organizations to address this issue urgently.


Another notable vulnerability, CVE-2024-45075, with a CVSS base score of 8.8, involves privilege escalation. An authenticated user could exploit this flaw to create scheduler tasks that escalate their privileges to an administrator level due to missing authentication checks.

This could lead to unauthorized access and control over the system, further exacerbating the security risks associated with this platform.

The third vulnerability, CVE-2024-45074, allows directory traversal attacks, enabling an attacker to view arbitrary files on the system by sending specially crafted URL requests containing “dot dot” sequences.

This vulnerability has a CVSS base score of 6.5 and, while less severe than the others, still poses a significant threat by potentially exposing sensitive information.
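One defender-side check the traversal description above suggests, as an added example that is neither IBM's code nor part of the original article: scanning web access logs for requests whose decoded path contains a ".." segment, including percent-encoded and double-encoded forms. The log format, client addresses and URL paths below are constructed assumptions, not real webMethods paths.

```python
import re
import urllib.parse
from typing import List, Tuple

# Constructed sample access-log lines (common-log-style, an assumed format).
SAMPLE_LOG = """\
10.0.0.5 - - [01/Sep/2024:10:00:01 +0000] "GET /app/ui/index.html HTTP/1.1" 200 512
10.0.0.9 - - [01/Sep/2024:10:00:02 +0000] "GET /app/ui/../../../etc/passwd HTTP/1.1" 200 1843
10.0.0.9 - - [01/Sep/2024:10:00:03 +0000] "GET /app/ui/%2e%2e%2f%2e%2e%2fconfig/secrets.properties HTTP/1.1" 200 9001
10.0.0.9 - - [01/Sep/2024:10:00:04 +0000] "GET /app/ui/%252e%252e%252f%252e%252e%252fconfig/secrets.properties HTTP/1.1" 200 9001
10.0.0.7 - - [01/Sep/2024:10:00:05 +0000] "GET /app/ui/images/logo..png HTTP/1.1" 200 300
"""

# Pulls method and request-target out of the quoted request line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/')


def decode_fully(value: str, max_rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded sequences (%252e -> %2e -> .) are caught."""
    current = value
    for _ in range(max_rounds):
        decoded = urllib.parse.unquote(current)
        if decoded == current:
            break
        current = decoded
    return current


def is_traversal(target: str) -> bool:
    """True if the decoded request path contains a literal '..' path segment.

    Only whole segments count, so a file name such as 'logo..png' is not flagged.
    Backslashes are treated as separators because some servers accept them.
    """
    path = decode_fully(target.split("?", 1)[0]).replace("\\", "/")
    return any(segment == ".." for segment in path.split("/"))


def find_traversal_attempts(log_text: str) -> List[Tuple[str, str]]:
    """Return (client, request-target) pairs for every request that looks like traversal."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if match and is_traversal(match.group("target")):
            hits.append((line.split(" ", 1)[0], match.group("target")))
    return hits


if __name__ == "__main__":
    for client, target in find_traversal_attempts(SAMPLE_LOG):
        print(f"traversal attempt from {client}: {target}")
```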

IBM strongly advises all users of the affected version of the webMethods Integration Server to apply the necessary patches immediately.

The company has released Corefix 14 for the Integration Server, which can be installed using the Update Manager to mitigate these vulnerabilities. No workarounds or mitigations are available, making the application of these fixes crucial for maintaining system security.

These vulnerabilities highlight the ongoing challenges in securing complex integration platforms, which cyber attackers increasingly target due to their critical role in enterprise environments.

Organizations are urged to review their security posture and ensure that all systems are updated to protect against the potential exploitation of these vulnerabilities.
