November 26, 2024 at 09:01AM
IBM announced patches for multiple vulnerabilities, including two severe remote code execution issues in Data Virtualization Manager and Security SOAR. These flaws could allow unauthorized code execution. Users are advised to update their systems promptly. Additional vulnerabilities in other IBM products were also addressed. Details are available on IBM’s security bulletins page.
### Meeting Takeaways:
1. **Vulnerability Patches Announcement**:
– IBM announced patches for multiple vulnerabilities across its products, focusing on two high-severity remote code execution (RCE) issues.
2. **Key Vulnerabilities**:
– **Data Virtualization Manager (CVE-2024-52899)**:
– Severity: High (CVSS score 8.5).
– Issue: Allows remote, authenticated attackers to inject malicious JDBC URL parameters leading to arbitrary code execution.
– Action: Fix packs available for versions 1.1 and 1.2 with download instructions provided.
– **Security SOAR (CVE-2024-45801)**:
– Severity: High (CVSS score 7.3).
– Issue: Prototype pollution flaw via the DOMPurify component, enabling RCE.
– Action: Vulnerability resolved in version 51.0.4.0, removing the culprit component, with upgrade instructions issued.
3. **Additional Vulnerabilities**:
– High-severity vulnerabilities addressed include:
– **Watson Speech Services Cartridge for Cloud Pak for Data (CVE-2024-49353)**: Potential crash issue.
– **OpenSSL in Data Observability by Databand (CVE-2024-6119)**: Denial-of-service (DoS) vulnerability.
– Disclosed medium- and low-severity security defects in Engineering Lifecycle Management, concerning cross-site scripting (XSS), user interface access changes, and credential exposure.
– Issues related to:
– Plain text storage of user credentials in IBM Workload Scheduler.
– Insufficient session expiration in Watson Query and Db2 Big SQL on Cloud Pak for Data granting access to sensitive info.
4. **Exploitation Status**:
– IBM has not reported any of these vulnerabilities being exploited in the wild.
5. **User Advisory**:
– Users are advised to update their systems promptly. Further details can be found on IBM’s security bulletins page.