A Command Injection vulnerability was recently discovered on IBM Security Guardium which allows threat actors to execute arbitrary commands on the affected system remotely.
This vulnerability was due to improper neutralization of special elements used in OS command (CWE-78).
IBM Security Guardium is a data protection platform that can be used by security teams to automatically analyze data environments considered sensitive.
This includes cloud environments, big data platforms, data warehouses, databases, file systems, etc. IBM has released security patches to fix this vulnerability.
CVE-2023-35893: Command injection in CLI vulnerability
This vulnerability allows an unauthenticated, remote attacker to execute arbitrary commands in the affected system by sending specially crafted inputs. The CVSS score for this vulnerability is given as 9.9 ( Critical ).
Affected Products and Fixed in version
Product Versions Fix IBM Security Guardium10.6https://www.ibm.com/support/fixcentral/swg/quickorderparent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=Linux&function=fixId&fixids=SqlGuard_10.0p1023_Security-Fix&includeSupersedes=0&source=fcIBM Security Guardium11.3https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p387_Security-Fix&includeSupersedes=0&source=fcIBM Security Guardium11.4https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p476_Security-Fix&includeSupersedes=0&source=fcIBM Security Guardium11.5https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=11.0&platform=Linux&function=fixId&fixids=SqlGuard_11.0p528_Security-Fix&includeSupersedes=0&source=fc
This vulnerability was discovered and reported to IBM by a security researcher Michał Bogdanowicz from NORDEA BANK ABP.
In order to fix this vulnerability, IBM has released steps to follow for each version of IBM Security Guardium on how to apply the patches. Users are recommended to follow the steps mentioned in the official documentation and fix this vulnerability.
