IBM network security specialists have disclosed the detection and correction of multiple vulnerabilities in various products. According to these security reports, exploiting these flaws would allow threat actors to take full control of the compromised network, so it is necessary to update as soon as possible.
The first security issue is an XML External Entity Injection (XXE) vulnerability in IBM Security Access Manager v22.214.171.124. The vulnerability, tracked as CVE-2019-4707, is triggered when processing XML data; a remote attacker could exploit the flaw to expose sensitive information or exhaust the target system's memory. The flaw received a score of 7/10 on the Common Vulnerability Scoring System (CVSS) scale.
No workarounds are known so far, so it is recommended that admins deploy the IBM update to mitigate the risk of exploiting this vulnerability.
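The XXE class described above is, at bottom, a parser that honours DOCTYPE declarations and resolves entities from untrusted input. The following added example (not IBM's code, and not taken from the advisory) shows one hardening pattern with Python's stdlib expat parser: refuse any DTD, never resolve external or parameter entities, and contrast that with a permissive parse of the same constructed samples. Sample documents, function names and the `file:///placeholder-local-file` URL are constructed for illustration.

```python
import xml.parsers.expat as expat

class UnsafeXML(ValueError):
    """Raised when untrusted XML carries a DTD or an external entity reference."""

def _refuse_doctype(name, sysid, pubid, has_internal_subset):
    # Any DOCTYPE (internal subset or external DTD) is rejected outright:
    # it is where external entities and entity-expansion bombs are declared.
    raise UnsafeXML(f"DOCTYPE refused: {name!r}")

def _refuse_external_entity(context, base, system_id, public_id):
    # Defence in depth: reached only if a DTD slipped through; never fetch it.
    raise UnsafeXML(f"external entity refused: {system_id!r}")

def parse_xml(data, hardened=True):
    """Return [(tag, text), ...] in end-tag order. With hardened=True the parser
    refuses DTDs, external entities and parameter entities before touching them."""
    parser = expat.ParserCreate()
    if hardened:
        parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)
        parser.StartDoctypeDeclHandler = _refuse_doctype
        parser.ExternalEntityRefHandler = _refuse_external_entity
    stack, elements = [], []
    parser.StartElementHandler = lambda tag, attrs: stack.append([tag, ""])
    def on_text(text):
        if stack:
            stack[-1][1] += text
    parser.CharacterDataHandler = on_text
    parser.EndElementHandler = lambda tag: elements.append(tuple(stack.pop()))
    parser.Parse(data, True)  # handler exceptions propagate out of Parse()
    return elements

# Constructed samples, not from the advisory.
BENIGN = b"<config><user>alice</user></config>"
EXPANSION = (b'<!DOCTYPE d [<!ENTITY a "aaaa"><!ENTITY b "&a;&a;&a;&a;">]>'
             b"<d>&b;</d>")
EXTERNAL = (b'<!DOCTYPE d [<!ENTITY x SYSTEM "file:///placeholder-local-file">]>'
            b"<d>&x;</d>")

def classify(data):
    """Return 'ok' when the hardened parser accepts the document, else 'refused'."""
    try:
        parse_xml(data)
        return "ok"
    except UnsafeXML:
        return "refused"

if __name__ == "__main__":
    for label, doc in [("benign", BENIGN), ("expansion", EXPANSION), ("external", EXTERNAL)]:
        print(label, classify(doc))
    # Permissive parsing silently expands the nested entities to 16 characters.
    print("permissive expansion length:", len(parse_xml(EXPANSION, hardened=False)[0][1]))
```

The same two settings exist in most XML stacks (disable DTD processing, disable external entity resolution); the point is to apply them to every parser that sees network input, not just the one the advisory names.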
The next report concerns the fix for two vulnerabilities in HTTP/2. Some HTTP/2 implementations are vulnerable to resource loops, which could lead to a denial of service (DoS) condition: threat actors create multiple request streams that generate repeated changes in the priority tree, consuming CPU resources. The first of these flaws was identified as CVE-2019-9513 and received a score of 7.5/10 on the CVSS scale, network security experts mention.
On the other hand, CVE-2019-9511 is a flaw that allows hackers to manipulate the window size and transmission priority to force the server to queue the data in 1-byte chunks. Depending on the efficiency of this process, an excess of memory consumption, CPU consumption, or even both
Finally, a vulnerability was reported in WebSphere Application Server ND, which is included with IBM Security Identity Manager. According to network security experts from the International Institute of Cyber Security (IICS), exploitation would allow attackers to access sensitive information by sending a specially crafted URL. The flaw received a score of 3.5/10.
IBM addressed the reported vulnerabilities as soon as possible, so administrators need only install the official fixes on potentially compromised systems. For more details, please refer to the company's official website.