The IBM security team has published a security bulletin with fixes for a remote code execution vulnerability (tracked as CVE-2020-4450) in the WebSphere Application Server (WAS) product. The flaw is an unsafe deserialization issue: the server deserializes Java objects received over the IIOP protocol, so a remote attacker who can reach the IIOP listener can send a specially crafted sequence of serialized objects and have them processed by the server.
WebSphere Application Server is IBM's Java application server: a software framework and middleware layer that hosts Java EE web applications. It is the flagship product within the IBM WebSphere software package.
According to the bulletin, threat actors could exploit this flaw remotely and without authentication against a WAS server that exposes the vulnerable protocol, executing arbitrary code on the target and ultimately taking full control of the server. The flaw received a base score of 9.8/10 under the Common Vulnerability Scoring System (CVSS), so it is rated critical.
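The attack path described above is a Java serialization payload carried inside a GIOP/IIOP request. The following Python example is added here as an illustration and is not code from the article or from IBM: it parses the standard 12-byte GIOP header that starts every IIOP message, then scans the message body for the Java serialization stream magic (0xACED0005) and, where the stream begins with an object, extracts the top-level class name so that an analyst looking at a capture of traffic to the WAS IIOP/bootstrap port can see which classes are being sent to the server. The sample messages are constructed inline (the "serialized object" is a fake stream naming the harmless class java.util.HashMap, not a real gadget chain, and the request header bytes are placeholders), and the `suspicious` heuristic, its name, and the helper functions are assumptions of this example.

```python
import struct

GIOP_MAGIC = b"GIOP"
GIOP_HEADER_LEN = 12
# Java serialization stream header: STREAM_MAGIC (0xACED) + STREAM_VERSION (5)
JAVA_SERIAL_MAGIC = b"\xac\xed\x00\x05"
TC_OBJECT, TC_CLASSDESC = 0x73, 0x72
GIOP_MSG_TYPES = {0: "Request", 1: "Reply", 2: "CancelRequest", 3: "LocateRequest",
                  4: "LocateReply", 5: "CloseConnection", 6: "MessageError", 7: "Fragment"}


def parse_giop_header(msg: bytes) -> dict:
    """Parse the 12-byte GIOP header: magic, major, minor, flags, message type, body length."""
    if len(msg) < GIOP_HEADER_LEN or msg[:4] != GIOP_MAGIC:
        raise ValueError("not a GIOP message")
    major, minor, flags, msg_type = msg[4], msg[5], msg[6], msg[7]
    # In GIOP 1.1+ bit 0 of the flags byte selects little-endian encoding of the body length
    little_endian = bool(flags & 0x01)
    (body_len,) = struct.unpack(("<" if little_endian else ">") + "I", msg[8:12])
    return {
        "version": f"{major}.{minor}",
        "little_endian": little_endian,
        "message_type": GIOP_MSG_TYPES.get(msg_type, f"unknown({msg_type})"),
        "body_length": body_len,
        # The header promises more body bytes than the capture actually contains
        "truncated": len(msg) - GIOP_HEADER_LEN < body_len,
    }


def find_java_streams(body: bytes) -> list:
    """Return (offset, top-level class name or None) for each Java serialization stream in body."""
    hits, start = [], 0
    while (off := body.find(JAVA_SERIAL_MAGIC, start)) >= 0:
        cls = None
        p = off + len(JAVA_SERIAL_MAGIC)
        # A stream whose first element is an object reads: TC_OBJECT, TC_CLASSDESC,
        # then a 2-byte big-endian length and the class name in modified UTF-8.
        if len(body) >= p + 4 and body[p] == TC_OBJECT and body[p + 1] == TC_CLASSDESC:
            (n,) = struct.unpack(">H", body[p + 2:p + 4])
            raw = body[p + 4:p + 4 + n]
            if len(raw) == n:
                cls = raw.decode("utf-8", errors="replace")
        hits.append((off, cls))
        start = off + 1
    return hits


def inspect_iiop_message(msg: bytes) -> dict:
    """Header fields plus any embedded Java serialization streams found in the body."""
    info = parse_giop_header(msg)
    body = msg[GIOP_HEADER_LEN:GIOP_HEADER_LEN + info["body_length"]]
    info["java_streams"] = find_java_streams(body)
    # Heuristic (assumption of this example): a client Request carrying serialized
    # Java objects is what an analyst would want to look at more closely.
    info["suspicious"] = info["message_type"] == "Request" and bool(info["java_streams"])
    return info


def build_giop_message(msg_type: int, body: bytes, major: int = 1, minor: int = 2,
                       little_endian: bool = False) -> bytes:
    """Assemble a GIOP message; used here only to construct sample input."""
    flags = 0x01 if little_endian else 0x00
    length = struct.pack(("<" if little_endian else ">") + "I", len(body))
    return GIOP_MAGIC + bytes([major, minor, flags, msg_type]) + length + body


def fake_serialized_object(class_name: str) -> bytes:
    """Constructed stand-in for a serialized object: valid prefix, padded with zero bytes."""
    name = class_name.encode()
    return (JAVA_SERIAL_MAGIC + bytes([TC_OBJECT, TC_CLASSDESC])
            + struct.pack(">H", len(name)) + name + b"\x00" * 16)


# Constructed samples, not real captures. The 24 zero bytes stand in for the
# GIOP 1.2 request header (request id, response flags, target address, ...).
SAMPLE_REQUEST = build_giop_message(0, b"\x00" * 24 + fake_serialized_object("java.util.HashMap"))
SAMPLE_LOCATE = build_giop_message(3, b"\x00\x00\x00\x01" + b"\x00" * 8, little_endian=True)

if __name__ == "__main__":
    for label, m in (("request", SAMPLE_REQUEST), ("locate", SAMPLE_LOCATE)):
        print(label, inspect_iiop_message(m))
```

Run against a real capture, the class names this extracts are only the top-level object of each stream; a full triage of a suspected payload needs a complete Java serialization parser, and the class name alone says nothing about whether the object graph underneath it is malicious.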
The vulnerability resides in the following versions of WAS (ranges as listed in IBM's bulletin):
- WebSphere Application Server 9.0.0.0 – 9.0.5.4
- WebSphere Application Server 8.5.0.0 – 8.5.5.17
- WebSphere Application Server 8.0.0.0 – 8.0.0.15
- WebSphere Application Server 7.0.0.0 – 7.0.0.45
IBM released a security fix for the supported releases a few days ago, and also made a fix available for the out-of-support versions of WAS. The bulletin lists no workarounds or mitigations for this flaw, so administrators of affected deployments are advised to install the updates as soon as possible.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert and has also worked for security companies such as Kaspersky Lab. His everyday job includes researching new malware and cyber security incidents. He also has deep knowledge of mobile security and mobile vulnerabilities.