IBM Informix OpenAdmin Tool welcomeService.php Command Execution
TSL ID TSL20170523-13
CVE ID(s) CVE-2017-1092
Severity Critical
Description

An input validation vulnerability has been reported in the welcomeService.php script of IBM Informix OpenAdmin Tool, packaged as part of Dynamic Server. The vulnerability is due to a failure on the part of the script to properly parse user-supplied input to its SOAP interface.

A remote, unauthenticated attacker could exploit this vulnerability by sending maliciously crafted HTTP requests to the target server. Successful exploitation could result in code execution under the security context of SYSTEM.

IBM has published an advisory to address this issue:

http://www-01.ibm.com/support/docview.wss?uid=swg22002897

Affected Products
  • IBM Informix Dynamic Server prior to 11.50.xC9
  • IBM Informix Dynamic Server prior to 11.70.xC9
  • IBM Informix Dynamic Server prior to 12.10.xC8W2
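The affected-product list above gives three fix levels, one per release line. The following is an added triage example, not code from the advisory or from IBM: it parses Informix version strings and reports whether an inventoried host falls below the fix level for its line. It assumes the common IDS version format MAJOR.MINOR.<platform letter>C<fixpack>[W<interim>] (for example "12.10.FC8W2"), treats the advisory's "x" as a wildcard for the platform letter, and reads "prior to" as any fixpack/interim level lower than the one listed. The inventory entries are constructed sample data.

```python
import re
from typing import List, Optional, Tuple

# Fix levels as listed in the advisory's "Affected Products" section:
# every release of the same major.minor line *prior to* these is affected.
# Tuple is (fixpack, interim), with a missing W level read as 0.
FIXED_LEVELS = {
    (11, 50): (9, 0),   # 11.50.xC9
    (11, 70): (9, 0),   # 11.70.xC9
    (12, 10): (8, 2),   # 12.10.xC8W2
}

# Assumed version layout: MAJOR.MINOR.<platform letter>C<fixpack>[W<interim>].
# The platform letter (F, U, T, or the advisory's wildcard "x") does not
# affect the comparison, so it is captured but ignored.
_VERSION_RE = re.compile(
    r"^(?P<major>\d+)\.(?P<minor>\d+)\.(?P<platform>[A-Za-z])"
    r"C(?P<fixpack>\d+)(?:W(?P<interim>\d+))?$"
)


def parse_version(version: str) -> Tuple[int, int, int, int]:
    """Split an IDS version string into (major, minor, fixpack, interim)."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Informix version string: {version!r}")
    return (int(m["major"]), int(m["minor"]),
            int(m["fixpack"]), int(m["interim"] or 0))


def is_affected(version: str) -> Optional[bool]:
    """True if below the fix level, False if at/above it, None if the
    release line is not covered by the advisory at all."""
    major, minor, fixpack, interim = parse_version(version)
    fixed = FIXED_LEVELS.get((major, minor))
    if fixed is None:
        return None
    return (fixpack, interim) < fixed


def triage(inventory: List[Tuple[str, str]]):
    """Sort (host, version) pairs into affected / fixed / unknown lists."""
    affected, fixed, unknown = [], [], []
    for host, version in inventory:
        verdict = is_affected(version)
        if verdict is True:
            affected.append(host)
        elif verdict is False:
            fixed.append(host)
        else:
            unknown.append(host)
    return affected, fixed, unknown


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("ids-prod-01", "12.10.FC8"),     # below 12.10.xC8W2 -> affected
    ("ids-prod-02", "12.10.FC8W2"),   # exactly the fix level -> fixed
    ("ids-legacy-01", "11.70.UC8"),   # below 11.70.xC9 -> affected
    ("ids-legacy-02", "11.50.FC9W1"), # above 11.50.xC9 -> fixed
    ("ids-archive", "11.10.FC3"),     # release line not in advisory -> unknown
]

if __name__ == "__main__":
    aff, fix, unk = triage(SAMPLE_INVENTORY)
    print("affected:", aff)
    print("fixed:   ", fix)
    print("unknown: ", unk)
```

Hosts in the unknown list are not cleared by this check; they simply run a release line the advisory does not mention and need to be confirmed against IBM's bulletin separately.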
CVSS Score
Base 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C):
  • Access vector is NETWORK
  • Access complexity is LOW
  • Level of authentication required is NONE
  • Impact of this vulnerability on data confidentiality is COMPLETE
  • Impact of this vulnerability on data integrity is COMPLETE
  • Impact of this vulnerability on data availability is COMPLETE
Temporal 8.3 (E:F/RL:OF/RC:C):
  • The exploitability level of this vulnerability is FUNCTIONAL
  • The remediation level of this vulnerability is OFFICIAL FIX
  • The report confidence level of this vulnerability is CONFIRMED
References
  • https://blogs.securiteam.com/index.php/archives/3210
  • https://www.rapid7.com/db/modules/exploit/multi/http/ibm_openadmin_tool_soap_welcomeserver_exec
  • http://www-01.ibm.com/support/docview.wss?uid=swg22002897