Sunday, February 9, 2025
Homecyber securityCritical Vulnerability in IBM Security Directory Enables Session Cookie Theft

Critical Vulnerability in IBM Security Directory Enables Session Cookie Theft

Published on

SIEM as a Service

Follow Us on Google News

IBM has announced the resolution of several security vulnerabilities affecting its IBM Security Directory Integrator and IBM Security Verify Directory Integrator products.

The vulnerabilities, identified through the Common Vulnerabilities and Exposures (CVE) system, expose users to various risks, including sensitive data disclosure and potential cookie theft.

The company urges customers to update to the latest versions of the software to mitigate these risks.

Details of Vulnerabilities

CVE-2024-28771 and CVE-2024-28770 are vulnerabilities in IBM Security Directory Integrator caused by the failure to set the secure attribute on authorization tokens or session cookies, allowing attackers to intercept cookie values via non-secure HTTP links, with a CVSS base score of 4.8.

CVE-2024-28766, while less severe with a CVSS base score of 2.4, involves unauthorized disclosure of sensitive directory information, potentially aiding attackers in planning further exploits.

Impacted Products and Versions

The vulnerabilities impact the following products and their respective versions:

  • IBM Security Directory Integrator version 7.2.0
  • IBM Security Verify Directory Integrator version 10.0.0

IBM has released fixes to address these vulnerabilities. For IBM Security Directory Integrator 7.2.0, users must apply the fix pack version 7.2.0-ISS-SDI-FP0013, while IBM Security Verify Directory Integrator users are advised to upgrade to version 10.0.0.2 of the product.

Containerized versions of IBM Security Verify Directory Integrator 10.0.0 have been updated, and the relevant container images are made available through IBM’s official documentation portal.

IBM strongly recommends that customers update their software to the latest versions without delay.

The company has not provided any workarounds or mitigations, emphasizing the importance of applying the patches.

Are you from SOC/DFIR Teams? – Analyse Malware Files & Links with ANY.RUN Sandox -> Try for Free

Aman Mishra
Aman Mishra
Aman Mishra is a Security and privacy Reporter covering various data breach, cyber crime, malware, & vulnerability.

Latest articles

UK Pressures Apple to Create Global Backdoor To Spy on Encrypted iCloud Access

United Kingdom has reportedly ordered Apple to create a backdoor allowing access to all...

Autonomous LLMs Reshaping Pen Testing: Real-World AD Breaches and the Future of Cybersecurity

Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning...

Securing GAI-Driven Semantic Communications: A Novel Defense Against Backdoor Attacks

Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is...

Cybercriminals Target IIS Servers to Spread BadIIS Malware

A recent wave of cyberattacks has revealed the exploitation of Microsoft Internet Information Services...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

UK Pressures Apple to Create Global Backdoor To Spy on Encrypted iCloud Access

United Kingdom has reportedly ordered Apple to create a backdoor allowing access to all...

Autonomous LLMs Reshaping Pen Testing: Real-World AD Breaches and the Future of Cybersecurity

Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning...

Securing GAI-Driven Semantic Communications: A Novel Defense Against Backdoor Attacks

Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is...