Multiple vulnerabilities in IBM App Connect Enterprise and IBM Integration Bus for z/OS



Risk: Low
Patch available: Yes
Number of vulnerabilities: 2
CVE-ID: CVE-2023-50310, CVE-2023-50311
CWE-ID: CWE-522
Exploitation vector: Network
Public exploit: N/A

Vulnerable software:
IBM App Connect Enterprise (Universal components / Libraries / Software for developers)
Integration Bus for z/OS (Other software / Other software solutions)

Vendor: IBM Corporation

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Insufficiently protected credentials

EUVDB-ID: #VU88898

Risk: Low

CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-50310

CWE-ID: CWE-522 - Insufficiently Protected Credentials

Exploit availability: No

Description

The vulnerability allows a remote privileged user to obtain credentials belonging to other users.

The vulnerability exists because IBM CICS Transaction Gateway transmits or stores authentication credentials using an insecure method that is susceptible to unauthorized interception and/or retrieval. A remote privileged user who can read the contents of the configuration file can obtain the passwords used for third-party integrations.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

IBM App Connect Enterprise: before 12.0.12.3

Integration Bus for z/OS: before 10.1.0.3

External links

http://www.ibm.com/support/pages/node/7158081


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Insufficiently protected credentials

EUVDB-ID: #VU88899

Risk: Low

CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-50311

CWE-ID: CWE-522 - Insufficiently Protected Credentials

Exploit availability: No

Description

The vulnerability allows a remote privileged user to obtain credentials belonging to other users.

The vulnerability exists because IBM CICS Transaction Gateway transmits or stores authentication credentials using an insecure method that is susceptible to unauthorized interception and/or retrieval. A remote privileged user who can read the contents of the configuration file can obtain the passwords used for third-party integrations.
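Both entries (CVE-2023-50310 and CVE-2023-50311) describe the same weakness class, CWE-522: integration credentials kept in a configuration file in a form that anyone able to read the file can recover. The following is an added example, not IBM's code and not tied to any real App Connect Enterprise or Integration Bus file layout. It is a small audit that flags configuration entries whose credential-looking values are stored in the clear, and files whose permissions let other local accounts read them. The key/value file format, the credential key names, the `${...}`, `ENC(...)` and `vault:` markers treated as "protected" values, and the sample configuration are all constructed assumptions.

```python
"""Audit configuration files for plaintext credentials (CWE-522).

Added example; not IBM's code. File format, key names and the markers
that count as "protected" are assumptions for illustration only.
"""
import os
import re
import stat
import tempfile
from typing import Dict, List, Tuple

# Keys that commonly carry secrets in integration config files (assumed list).
CREDENTIAL_KEY = re.compile(r"(password|passwd|pwd|secret|api[_-]?key|token)",
                            re.IGNORECASE)
# Values that show the secret is NOT stored in the clear: a reference to an
# external store, or a ciphertext marker (assumed marker syntaxes).
PROTECTED_VALUE = re.compile(r"^(\$\{[^}]+\}|vault:|keyring:|ENC\(|\{aes\})",
                             re.IGNORECASE)

# Constructed sample configuration, not a real ACE/IIB file.
SAMPLE_CONFIG = "\n".join([
    "# constructed sample config, not a real ACE/IIB file",
    "[cics]",
    "gateway.host = cicstg.example.internal",
    "gateway.userid = svc_integration",
    "gateway.password = Winter2024!",          # stored in the clear -> finding
    "[partner]",
    "api_key = ${secrets.partner_api_key}",    # reference to a secret store
    "token = ENC(AQICAHg...)",                 # ciphertext marker
])


def find_plaintext_credentials(text: str) -> List[Tuple[int, str]]:
    """Return (line_number, key) for each key=value line whose key looks like a
    credential and whose value carries no reference/ciphertext marker."""
    findings: List[Tuple[int, str]] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith(("#", ";")) or "=" not in stripped:
            continue
        key, value = (part.strip() for part in stripped.split("=", 1))
        if CREDENTIAL_KEY.search(key) and value and not PROTECTED_VALUE.match(value):
            findings.append((lineno, key))
    return findings


def is_readable_by_others(path: str) -> bool:
    """True if the group or world read bit is set on the file."""
    mode = os.stat(path).st_mode
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))


def audit_file(path: str) -> Dict[str, object]:
    """Combine the two checks: secrets in the clear, and who can read the file."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        findings = find_plaintext_credentials(fh.read())
    return {"path": path, "plaintext": findings,
            "others_can_read": is_readable_by_others(path)}


def demo() -> Tuple[List[Tuple[int, str]], bool, bool]:
    """Write the sample config to a temp file, audit it with a permissive mode,
    then again after restricting it to the owner. Returns
    (plaintext findings, readable_by_others before, readable_by_others after)."""
    with tempfile.NamedTemporaryFile("w", suffix=".properties", delete=False) as fh:
        fh.write(SAMPLE_CONFIG)
        path = fh.name
    try:
        os.chmod(path, 0o644)   # weak setting: any local account can read it
        before = audit_file(path)
        os.chmod(path, 0o600)   # hardened mode: owner only
        after = audit_file(path)
    finally:
        os.unlink(path)
    return (before["plaintext"], before["others_can_read"], after["others_can_read"])


if __name__ == "__main__":
    findings, readable_before, readable_after = demo()
    for lineno, key in findings:
        print(f"line {lineno}: '{key}' is stored in the clear")
    print(f"readable by others before: {readable_before}, after: {readable_after}")
```

Run it over a directory of configuration files as a pre-patch check. A hit means the secret is recoverable by anyone who can read the file, which is exactly the condition the bulletin's "remote privileged user" exploits. Tightening the file mode narrows who can read it but does not change the fact that the value is stored in the clear, so it is a stopgap rather than a substitute for the vendor update.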

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

IBM App Connect Enterprise: before 12.0.12.3

Integration Bus for z/OS: before 10.1.0.3

External links

http://www.ibm.com/support/pages/node/7158081


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


