IBM WebSphere Application Server is vulnerable to remote code execution

Abstract

IBM WebSphere Application Server is vulnerable to a remote code execution (RCE) in the administrative console.

Tested version

  • IBM WebSphere Application Server 9.0
  • IBM WebSphere Application Server 8.5

Fix

This vulnerability is addressed in the currently available interim fix or fix pack containing APAR PH61489. It is recommended to apply the fix now.

  • For v9.0.0.0 through 9.0.5.20: apply interim fix APAR PH61489, or upgrade to fix pack 9.0.5.21 or later, which is targeted to be available in Q3 of 2024.

  • For v8.5.0.0 through v8.5.5.25: apply interim fix APAR PH61489, or upgrade to fix pack 8.5.5.26 or later, which is targeted to be available in Q3 of 2024.

Vulnerability details

IBM WebSphere Application Server 8.5 and 9.0 are vulnerable to a remote code execution vulnerability. It allows a (malicious) authenticated user who has authorized access to the administrative console to execute arbitrary code. Specially crafted payloads are required to exploit this vulnerability; successful exploitation grants the user access beyond the scope of the application and can potentially give full control over the target server.
