Advisory No: TZCERT/SA/2024/05/10-1
Date of First Release: 10th May 2024
Source: IBM
Software Affected: IBM Cloud Pak, IBM Maximo Application Suite
Overview:
IBM Cloud Pak, IBM Maximo Application Suite are vulnerable to a critical vulnerability. The attackers can leverage the vulnerability to gain the escalated privilege.
Description:
The critical vulnerability rated at 9.8 and tracked as CVE-2023-41419 is affecting IBM Cloud Pak, IBM Maximo Application Suite. The flaw exists in the WSGIServer component. The attackers can exploit the vulnerability using a specially crafted script to gain escalated privilege.
Impact:
Successful exploitation of this vulnerability may allow an attacker to gain escalated privilege.
Solution:
IBM has released security patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.
References: