IBM App Connect Enterprise: Attackers can bypass login
The developers at IBM have closed two security vulnerabilities in App Connect Enterprise Certified Container. However, the flaws can only be exploited under certain configurations.
IBM App Connect Enterprise Certified Container is vulnerable under certain configurations, and attackers can exploit two vulnerabilities. Admins should make sure a version secured against the possible attacks is installed.
Companies use the integration software to process business information across multiple hardware and software platforms. According to an advisory, the developers have now closed two security vulnerabilities (CVE-2024-48948 "high", CVE-2024-48949 "high") in the Elliptic module for Node.js, which is used to verify signatures.
However, only instances that use COS S3 Storage are at risk. If this is the case, attackers can, for example, use specially prepared hash requests to circumvent security restrictions and thus gain unauthorized access. It is also possible for valid signatures to be rejected as untrustworthy in the course of an attack.
Security update
The developers state that they have fixed the problem in App Connect Enterprise Certified Container 11.6.0 (Continuous Delivery). Admins must also ensure that all dashboard components are at least version 12.0.12.2-r1.
App Connect Enterprise Certified Container 12.0 LTS should not be affected, but the dashboard components should still be kept up to date. App Connect Enterprise Certified Container 5.0 LTS is protected against the attacks described as of version 5.0.18.
So far, IBM has not reported any ongoing attacks. It also remains unclear at present which parameters admins can use to identify instances that have already been attacked.
(des)