Security updates: DoS attacks on IBM software possible

IBM's developers have closed vulnerabilities in App Connect Enterprise and WebSphere Application Server.

Several IBM applications are vulnerable to DoS attacks. Security updates have now been released that close several gaps.

The most dangerous of these is a vulnerability (CVE-2023-51775, risk "high") in SPSS Collaboration and Deployment Services of WebSphere Application Server. Specifically, the vulnerability affects the jose4j library.

It is currently not known how such an attack could take place. It also remains unclear whether attacks are already under way and how admins can recognize systems that have already been compromised. According to a warning message, version 8.5.0.0-IM-ScaDS-REPOSITORYSERVER-IF014 is protected against the attack described.

In addition, the developers have closed further DoS vulnerabilities (CVE-2024-45085, risk "medium"; CVE-2024-7254, risk "high") in WebSphere Application Server. One of these vulnerabilities affects the Google Protocol Buffers library, for example.

Further information on affected versions and on releases secured against possible attacks can be found in the software manufacturer's warning messages linked behind the CVE numbers. IBM does not mention any workarounds to temporarily protect systems. As a result, admins should install the security patches promptly.

If attackers successfully exploit a vulnerability (CVE-2024-45296, risk "high") in App Connect Enterprise, this can also lead to a DoS state, which usually results in software crashes. All an attacker has to do is remotely send prepared regex requests to vulnerable instances. IBM App Connect Enterprise v12 – Fix Pack 12.0.12.7 is secured against this.

(des)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.