RCE Alert in IBM WebSphere Application Server

A critical security vulnerability has been identified in IBM WebSphere Application Server that can allow threat actors to execute code remotely.

The vulnerability, tracked as CVE-2023-23477, is caused by incorrect authentication during data processing. A remote threat actor can execute arbitrary code on the targeted system by sending specially crafted data to the server.

IBM released a security bulletin

This vulnerability affects IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server 8.5. IBM has released updates to fix the vulnerability. To avoid being targeted by attacks that exploit it, users of the following versions of IBM WebSphere Application Server should apply the latest updates immediately:

For IBM WebSphere Application Server users who use versions between 9.0.0.0 and 9.0.5.7:

  • Apply Fix Pack 9.0.5.8 or a later version.

For IBM WebSphere Application Server users who use versions between 8.5.0.0 and 8.5.5.19:

  • Apply Fix Pack 8.5.5.20 or later versions.
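The following is an added example, not part of the original advisory or IBM's tooling: a small triage helper that checks version strings from an asset inventory against the two affected ranges listed above. The host names and the inventory are constructed, and the function names are hypothetical. Versions are compared numerically, since a plain string comparison would wrongly sort 8.5.5.9 after 8.5.5.19.

```python
import re

# Affected ranges and fixed levels exactly as listed in the advisory above:
# (lowest affected, highest affected, fix pack to apply)
AFFECTED = [
    ((9, 0, 0, 0), (9, 0, 5, 7), "9.0.5.8"),
    ((8, 5, 0, 0), (8, 5, 5, 19), "8.5.5.20"),
]

# WebSphere fix pack levels are four dot-separated integers.
VERSION_RE = re.compile(r"^\d+(\.\d+){3}$")


def parse_version(text):
    """Turn '8.5.5.19' into (8, 5, 5, 19); reject anything else."""
    text = text.strip()
    if not VERSION_RE.match(text):
        raise ValueError(f"not a four-part version: {text!r}")
    return tuple(int(part) for part in text.split("."))


def assess(version_text):
    """Return (status, fix_pack) for one reported version string."""
    try:
        version = parse_version(version_text)
    except ValueError:
        # Do not guess: an unreadable version needs manual review.
        return ("unknown", None)
    for low, high, fix in AFFECTED:
        if low <= version <= high:  # tuple comparison is numeric per field
            return ("affected", fix)
    # The advisory only lists the two ranges above, so this is not "safe",
    # only "outside the ranges this advisory names".
    return ("not_in_listed_range", None)


def triage(inventory):
    """Map each host in {host: version} to its assessment."""
    return {host: assess(version) for host, version in inventory.items()}


# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = {
    "was-prod-01": "9.0.5.7",
    "was-prod-02": "9.0.5.8",
    "was-legacy-01": "8.5.5.9",
    "was-legacy-02": "8.5.5.20",
    "was-test-01": "9.0.5",
}

if __name__ == "__main__":
    for host, (status, fix) in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {status}" + (f", apply Fix Pack {fix} or later" if fix else ""))
```
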
