Primary

Context

IBM Integration Bus for z/OS Code Injection Vulnerability Allowing Privilege Escalation

Vulnerability

A code injection vulnerability has been identified in IBM Integration Bus for z/OS versions 10.1.0.0 through 10.1.0.5. This vulnerability allows a privileged user with access to the IIB install directory to inject malicious code.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution within the application context, potentially allowing for privilege escalation.

Remediation

Users are advised to apply the interim fix for APAR PH65769, available for version 10.1.0.5, through IBM Fix Central.

Added: Jul 7, 2025, 5:29 PM

Updated: Jul 7, 2025, 5:29 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

2.8

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

2.8

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Integration Bus for z/OS Code Injection Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating