Privilege escalation vulnerability in IBM Cloud Pak, IBM Maximo Application Suite (CVE-2023-41419)

Imechapishwa: May 13, 2024 16:04

Advisory No: TZCERT/SA/2024/05/10-1

Source: IBM

Software Affected: IBM Cloud Pak, IBM Maximo Application Suite

Overview

IBM Cloud Pak, IBM Maximo Application Suite are vulnerable to a critical vulnerability. The attackers can leverage the vulnerability to gain the escalated privilege

Description

The critical vulnerability rated at 9.8 and tracked as CVE-2023-41419 is affecting IBM Cloud Pak, IBM Maximo Application Suite. The flaw exists in the WSGIServer component. The attackers can exploit the vulnerability using a specially crafted script to gain escalated privilege.

Impact

Successful exploitation of this vulnerability may allow an attacker to gain escalated privilege

Solution

IBM has released security patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.

Subscribe To TZ - CERT Newsletter

A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.

Subscribe
Ripoti Tukio