IBM has published a security bulletin with fixes for a remote code execution vulnerability (tracked as CVE-2020-4450) in its WebSphere Application Server (WAS) product. The flaw is an unsafe Java deserialization issue: a specially crafted sequence of serialized objects sent over the IIOP protocol (the CORBA transport that WAS uses for RMI/IIOP EJB calls, its ORB bootstrap service and traffic between nodes) is deserialized by the server before any meaningful validation takes place.
WebSphere Application Server is IBM's Java EE application server: middleware that hosts Java-based web applications and enterprise components. It is the flagship product of the IBM WebSphere family.
According to the bulletin, an unauthenticated attacker who can reach the server's IIOP listener over the network can send the malicious object graph and execute arbitrary code in the context of the WAS process, which is enough to take full control of the server. The flaw carries a CVSS v3 base score of 9.8 out of 10 and is rated critical; a 9.8 corresponds to a network-reachable, low-complexity attack that needs no privileges or user interaction and has full impact on confidentiality, integrity and availability.
The vulnerability affects the following versions of WAS (ranges are inclusive at both ends):
- WebSphere Application Server 9.0.0.0 – 9.0.5.4
- WebSphere Application Server 8.5.0.0 – 8.5.5.17
- WebSphere Application Server 8.0.0.0 – 8.0.0.15
- WebSphere Application Server 7.0.0.0 – 7.0.0.45
IBM has released fixes: new fix packs for the 9.0 and 8.5 streams, and an interim fix (APAR PH25074) that also covers the 8.0 and 7.0 streams, which are past full support and require an extended support contract to obtain the fix. IBM lists no workarounds or mitigations for this flaw, so administrators of affected deployments should install the fix as soon as possible. Until that is done, the practical compensating control is to restrict network access to the IIOP endpoints (the ORB bootstrap and ORB listener ports, which default to 2809 and 9100 on a stand-alone application server; deployment managers and node agents have their own equivalents, so check the actual port assignments in the server configuration) to trusted hosts, and to confirm that none of these ports is reachable from the internet.
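A quick way to triage an estate against the version ranges above is to compare each server's reported V.R.M.F level with the inclusive ranges from the bulletin. The script below is an added example written for this page, not IBM's tooling; it assumes the `versionInfo` output format shown in the constructed sample (an "Installed Product" block with "Name" and "Version" lines), and it treats the 8.0 and 7.0 streams specially because an interim fix applied on top of 8.0.0.15 or 7.0.0.45 does not change the reported version, so a match at the top of those ranges must be confirmed by checking the installed interim fixes rather than the version alone.

```python
"""
Added example (not IBM's tooling): decide whether a WebSphere Application
Server (WAS) install falls in the version ranges IBM lists as affected by
CVE-2020-4450, given either a bare version string or the text printed by
the product's versionInfo command.
"""
from typing import List, Optional, Tuple

Version = Tuple[int, int, int, int]

# Inclusive ranges from the IBM bulletin, in V.R.M.F form.
AFFECTED_RANGES: List[Tuple[Version, Version]] = [
    ((9, 0, 0, 0), (9, 0, 5, 4)),
    ((8, 5, 0, 0), (8, 5, 5, 17)),
    ((8, 0, 0, 0), (8, 0, 0, 15)),
    ((7, 0, 0, 0), (7, 0, 0, 45)),
]

# Streams whose affected range ends at the stream's final fix pack: the fix
# there is an interim fix that does not change the reported version, so a
# match at the top of the range must be confirmed by checking installed ifixes.
IFIX_ONLY_STREAMS = {(8, 0), (7, 0)}


def parse_version(text: str) -> Version:
    """Parse 'V.R.M.F' (e.g. '8.5.5.17'); missing trailing fields count as 0."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a WAS version string: {text!r}")
    nums = [int(p) for p in parts] + [0] * (4 - len(parts))
    return nums[0], nums[1], nums[2], nums[3]


def is_affected(version: str) -> bool:
    """True if the version lies inside any affected range (inclusive)."""
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def version_from_versioninfo(output: str) -> Optional[str]:
    """Extract the WAS product version from versionInfo output.

    Assumption: the 'Installed Product' block prints 'Name' and 'Version'
    lines in that order (as in the constructed sample below); the first
    'Version' after a WebSphere Application Server 'Name' line is used.
    """
    in_was_product = False
    for line in output.splitlines():
        key, _, value = line.strip().partition(" ")
        value = value.strip()
        if key == "Name":
            in_was_product = "WebSphere Application Server" in value
        elif key == "Version" and in_was_product:
            return value
    return None


def assess(version: str) -> str:
    """Human-readable verdict; flags the interim-fix-only streams separately."""
    v = parse_version(version)
    if not is_affected(version):
        return f"{version}: outside the listed affected ranges"
    if v[:2] in IFIX_ONLY_STREAMS and any(v == hi for _, hi in AFFECTED_RANGES):
        return f"{version}: in affected range; fix is an interim fix, check installed ifixes"
    return f"{version}: in affected range; apply the fix pack"


# Constructed, abridged sample of versionInfo output; not a real capture.
SAMPLE_VERSIONINFO = """\
Installed Product
--------------------------------------------------------------------------------
Name                  IBM WebSphere Application Server
Version               8.5.5.17
ID                    BASE
Architecture          x86-64 (64 bit)
"""

if __name__ == "__main__":
    found = version_from_versioninfo(SAMPLE_VERSIONINFO)
    print(assess(found))
    for candidate in ("9.0.5.4", "9.0.5.5", "7.0.0.45", "8.5.5"):
        print(assess(candidate))
```

Because the ranges are inclusive and versions compare as four-field tuples, a partial string such as `8.5.5` is treated as `8.5.5.0` and lands inside the 8.5 range; feed the script the exact level each server reports rather than the stream name. The script tells you whether a host is in scope for the fix; it does not tell you whether the IIOP ports on that host are reachable, which is a separate check worth running while the fix is being rolled out.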
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as a cyber security investigator and has also worked for several security companies. His everyday job includes researching new cyber security incidents. He also has deep knowledge of enterprise security implementation.