[CIVN-2022-0451] Command injection vulnerability in IBM InfoSphere Information Server

Command injection vulnerability in IBM InfoSphere Information Server

Indian - Computer Emergency Response Team (cert-in.org.in)

Severity Rating: HIGH

Software Affected

IBM InfoSphere Information Server version 11.7

Overview

A vulnerability has been reported in IBM InfoSphere Information Server

which could allow a remote attacker to execute arbitrary OS commands on the

targeted system.

Description

This vulnerability exists in IBM InfoSphere Information Server due to

improper input validation of special elements . A remote attacker could

exploit this vulnerability by sending specially crafted data to the

application.

Successful exploitation of this vulnerability could allow a remote attacker

to execute arbitrary OS commands on the targeted system.

Solution

Apply appropriate software fixes as available on the vendor website:

https://www.ibm.com/support/pages/node/6833566

Vendor Information

IBM

https://www.ibm.com/support/pages/node/6833566

CVE Name

CVE-2022-40752

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

[CIVN-2022-0451] Command injection vulnerability in IBM InfoSphere Information Server

About Cert Advisory

Related Posts

Popular Posts

Facebook

Blog Archive