QID 87525

QID 87525: IBM HTTP Server Remote Code Execution (RCE) Vulnerability (6827119)

IBM HTTP Server powered by Apache is based on the Apache HTTP Server available for multiple platforms.

CVE-2022-40674: libexpat could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the doContent function in xmlparse.c.

Affected Versions:
IBM HTTP Server V9.0.0.0 through 9.0.5.13
IBM HTTP Server V8.5.0.0 through 8.5.5.22
IBM HTTP Server V8.0.0.0 through 8.0.0.15
IBM HTTP Server V7.0.0.0 through 7.0.0.45

QID Detection Logic (Un-Authenticated):
This checks for vulnerable version of IBM HTTP server using the following command "strings /opt/IHS/bin/httpd | grep -i 'IBM_HTTP_Server'".

Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code on the target system.

CVSS V3 rated as Critical - 9.8 severity.

CVSS V2 rated as High - 7.5 severity.

Solution

The vendor has released advisories and updates to fix these vulnerabilities. Refer to the following link for further details: HTTP Server Advisory (6827119)

Vendor References

6827119 - www.ibm.com/support/pages/node/6827119

CVEs related to QID 87525

CVE-2022-40674 |

Software Advisories

Advisory ID	Software	Component	Link
6827119			www.ibm.com/support/pages/node/6827119

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].