Today’s security bulletin concerns IBM HTTP Server (powered by Apache), which is affected by two major flaws: one that could allow malicious file downloads (CVE-2023-45802) and one that could lead to data theft (CVE-2023-31122).
First, arbitrary files can be downloaded through the stream management platform Apache StreamPark.
Within this development framework, an authenticated attacker could download these files by sending two specially crafted HTTP requests that exploit these vulnerabilities.
The first request targets the platform itself: because it validates file extensions poorly, it allows the execution of arbitrary code (CVE-2023-45802).
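To illustrate the class of flaw described above (poor validation of file extensions), here is an added example; it is not code from Apache StreamPark, IBM, or this bulletin. It contrasts a weak extension check that merely looks for an allowed suffix anywhere in the name with a hardened check that rejects path components and control characters and compares only the final suffix against an allowlist. The allowlist and the sample file names are constructed for the example.

```python
import os
import posixpath

# Constructed allowlist for the example; a real application would use its own.
ALLOWED_EXTENSIONS = {".jar", ".sql", ".txt"}


def weak_extension_check(filename: str) -> bool:
    """Weak check: accepts the name if any allowed extension appears anywhere in it.

    Double extensions ("payload.jar.sh") and names carrying directory
    components ("evil.txt/../../etc/passwd") slip through, while a legitimate
    upper-case suffix ("Upload.JAR") is wrongly rejected.
    """
    return any(ext in filename for ext in ALLOWED_EXTENSIONS)


def strict_extension_check(filename: str) -> bool:
    """Hardened check: reject anything that is not a plain file name, then
    compare only the final suffix (case-insensitively) against the allowlist."""
    if not filename:
        return False
    # Directory separators or traversal sequences mean this is not a bare name.
    if "/" in filename or "\\" in filename or filename != posixpath.basename(filename):
        return False
    # Control characters (including NUL) can truncate the name in lower layers.
    if any(ord(c) < 32 for c in filename):
        return False
    # Dotfiles and names that are only an extension are not acceptable uploads.
    if filename.startswith("."):
        return False
    root, ext = os.path.splitext(filename)
    if not root:
        return False
    return ext.lower() in ALLOWED_EXTENSIONS


def audit(names):
    """Return (name, weak_verdict, strict_verdict) for each constructed name,
    so the two checks can be compared side by side."""
    return [(n, weak_extension_check(n), strict_extension_check(n)) for n in names]


if __name__ == "__main__":
    # Constructed sample names; none refer to a real system.
    samples = [
        "report.txt",
        "payload.jar.sh",
        "evil.txt/../../etc/passwd",
        "Upload.JAR",
        "notes.exe",
        ".jar",
    ]
    for name, weak, strict in audit(samples):
        print(f"{name!r:32} weak={weak!s:5} strict={strict}")
```

The point for defenders is that the decision must be made on the canonical final suffix of a bare file name, never on a substring match; the strict check is the form to look for when reviewing an upload or download handler.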
The second request targets the Apache HTTP server: through an out-of-bounds read flaw in the mod_macro module, the intruder can obtain sensitive information and use it to launch a further attack against the affected system (CVE-2023-31122).
These two vulnerabilities carry a high severity score of 7.5 (CVSS base score) but can fortunately be resolved by applying a PTF to your IBM i, which you can find here: https://lnkd.in/epwj9hYg. Note that these patches concern IBM i versions 7.5, 7.4, 7.3 and 7.2.