HomeMalware & ThreatsIBM Security Verify Access 10.0.8 - Open Redirection Vulnerability

IBM Security Verify Access 10.0.8 – Open Redirection Vulnerability

Published on

spot_img

In a recent security bulletin, IBM has disclosed a vulnerability in IBM Security Verify Access versions ranging from 10.0.0 to 10.0.8 that could potentially be exploited by remote attackers to redirect users to malicious websites. This vulnerability, classified as high severity by the National Institute of Standards and Technology (NIST) and medium severity by IBM, could allow attackers to gather sensitive information or launch further attacks against unsuspecting victims.

This vulnerability, identified as CVE-2024-35133, affects IBM Security Verify Access products, including IBM Security Verify Access Docker, and poses a significant risk to users utilizing the OAuth flow for authorization. By manipulating the “redirect_uri” parameter during an OAuth flow, attackers could spoof URLs to direct users to malicious websites that appear legitimate, tricking users into divulging sensitive information or falling victim to various cyber attacks.

During a penetration test of the OAuth flow, security researchers discovered an open redirect vulnerability that allowed attackers to bypass the parser’s logic responsible for verifying the validity of the “redirect_uri” parameter. By leveraging specific techniques outlined in RFC 3986, attackers could manipulate the Uniform Resource Identifier (URI) to redirect users to arbitrary domains under their control, posing a serious threat to user security.

The proof of concept provided in the security bulletin demonstrates how an attacker could exploit this vulnerability to redirect users to a malicious website by manipulating the OAuth flow. This could potentially result in the leakage of sensitive OAuth tokens, enabling attackers to carry out further malicious activities against unsuspecting victims.

IBM has taken steps to address this vulnerability by providing a patch or upgrade through Security Bulletin 7166712. Users are advised to refer to this bulletin for more information on how to mitigate the risk posed by this security flaw. Additional references provided in the bulletin offer further insight into the vulnerability and its impact on affected IBM Security Verify Access products.

The disclosure timeline outlined in the security bulletin highlights the proactive approach taken by security researchers, the client, and IBM to address this vulnerability. From the initial discovery of the flaw to the release of a pre-release fix and subsequent security bulletin, the coordinated efforts of all stakeholders involved in resolving this issue demonstrate a commitment to enhancing cybersecurity measures and protecting user data.

In conclusion, the open redirect vulnerability in IBM Security Verify Access versions 10.0.0 to 10.0.8 poses a significant risk to users and organizations reliant on this security solution. By following the recommended steps outlined in the security bulletin, users can mitigate the potential impact of this vulnerability and enhance the overall security posture of their systems. It is crucial for organizations to stay vigilant and implement necessary security measures to safeguard against similar security threats in the future.

Source link

Latest articles

Fake Google Play Store Pages Exploit Trusted Brand Names to Promote Gambling PWAs

Scammers are increasingly taking advantage of consumer trust in well-established household and financial brands...

AI Agent Leverages Langflow RCE to Automate Database Ransomware Attack

Security firm Sysdig recently announced a groundbreaking discovery, revealing what it claims to be...

Warning Over Industrialized Cyber Attacks by Ransomware Gang

Rising Threat: Cybercriminals Unite to Unleash Industrialized Ransomware In a significant development within the realms...

Adobe Introduces a Second Patch Tuesday Each Month for Faster Fixes

On June 30, Adobe took significant steps to address the growing urgency of cybersecurity...

More like this

Fake Google Play Store Pages Exploit Trusted Brand Names to Promote Gambling PWAs

Scammers are increasingly taking advantage of consumer trust in well-established household and financial brands...

AI Agent Leverages Langflow RCE to Automate Database Ransomware Attack

Security firm Sysdig recently announced a groundbreaking discovery, revealing what it claims to be...

Warning Over Industrialized Cyber Attacks by Ransomware Gang

Rising Threat: Cybercriminals Unite to Unleash Industrialized Ransomware In a significant development within the realms...