Critical vulnerabilities found in IBM ServeRAID Manager & IBM Rational Team Concert

IBM's digital forensics team has just released a couple of reports on security vulnerabilities in some of its products. The first report concerns a vulnerability in IBM ServeRAID Manager, versions 9.30-17006 and earlier. The flaw exposes a Java RMI interface that would allow an unauthenticated remote threat actor to execute arbitrary code on the exposed system.

This implementation includes a built-in instance of Java version 1.4.2; both products are no longer supported. ServeRAID Manager exposes a Java Remote Method Invocation (RMI) service on port 34571/tcp that, by default, listens on all interfaces.

Because ServeRAID Manager runs with administrator privileges on Windows systems, an unauthenticated hacker with network access can exploit the vulnerable RMI interface to launch an attack, similar to the known vulnerability tracked as CVE-2011-3556.

The flaw was reported by the expert team made up of Brendan Saulsbury, Ariel Montano Cardenas, Lavelle Perry and Swagat Das. Because ServeRAID Manager is no longer supported, digital forensics specialists consider it unlikely that IBM will release a security update.
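Since no update is expected, an administrator's first step is to confirm whether the 34571/tcp listener is actually reachable on every interface of the host. The following Python script is an added example, not from the article or from IBM: it parses Windows `netstat -ano` output (a constructed sample is embedded; its PIDs and addresses are made up) and reports listeners on that port bound to a wildcard address, which is the exposure described above.

```python
"""Audit a Windows host for a wildcard-bound ServeRAID Manager RMI listener.

Added example, not from the original article or from IBM. It parses the
text of `netstat -ano` and flags any TCP listener on 34571/tcp bound to
0.0.0.0 or [::], i.e. reachable from any network interface.
"""
import re

SERVERAID_RMI_PORT = 34571

# Constructed sample of `netstat -ano` output; PIDs and addresses are made up.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:34571          0.0.0.0:0              LISTENING       4120
  TCP    127.0.0.1:34572        0.0.0.0:0              LISTENING       4120
  TCP    [::]:34571             [::]:0                 LISTENING       4120
  TCP    10.0.0.5:49700         10.0.0.9:445           ESTABLISHED     4
"""

# Matches TCP listeners only; captures local address, port and owning PID.
_LISTEN_RE = re.compile(
    r"^\s*TCP\s+(?P<addr>\S+?):(?P<port>\d+)\s+\S+\s+LISTENING\s+(?P<pid>\d+)\s*$",
    re.MULTILINE,
)

# Bind addresses that mean "every interface" for IPv4 and IPv6.
WILDCARD_ADDRS = {"0.0.0.0", "[::]"}


def find_exposed_listeners(netstat_output, port=SERVERAID_RMI_PORT):
    """Return (address, pid) pairs for listeners on `port` bound to all interfaces."""
    exposed = []
    for m in _LISTEN_RE.finditer(netstat_output):
        if int(m.group("port")) == port and m.group("addr") in WILDCARD_ADDRS:
            exposed.append((m.group("addr"), int(m.group("pid"))))
    return exposed


if __name__ == "__main__":
    hits = find_exposed_listeners(SAMPLE_NETSTAT)
    for addr, pid in hits:
        print(f"RMI listener {addr}:{SERVERAID_RMI_PORT} (PID {pid}) is reachable from any interface")
    if not hits:
        print(f"no wildcard-bound listener on {SERVERAID_RMI_PORT}/tcp")
```

On a live host, feed the script the real `netstat -ano` output; a hit means the listener should be restricted with a host firewall rule to management addresses until the product is retired.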

Separately, IBM reported the discovery of a vulnerability in OpenSSL that affects IBM Rational Team Concert; exploiting this flaw would allow a remote hacker to abuse the application.

OpenSSL is used by the Rational BuildForge Agent, delivered with IBM Rational Team Concert (RTC). The flaw has already been addressed by the product's maintainers. The affected versions are:

  • Rational Team Concert v6.0.2
  • Rational Team Concert v6.0.6.1
  • Rational Team Concert v6.0.6

The report rates the flaw as low severity; however, administrators of the affected deployments are advised to install the updates released by IBM to fully mitigate the risk of exploitation. According to digital forensics specialists, details on these findings can be found on IBM's official platforms.