IBM, known as the grandfather of computing as well as a tech industry disruptor, has dealt with software vulnerabilities present in its subsidiary companies as well as direct attacks from nation-state cybercrime groups in the past.
International Business Machines
IBM (International Business Machines), is a founding father of Information Technology. Founded in 1911, the American mega-corporation had humble beginnings producing computing scales, time recorders, early electronic industrial machines, and employee time clocks. Today, the company employs well over 300,000 employees worldwide, and it is one of the biggest tech companies in the world. Most of the industry, including over three-fourths of all banks today, rely on and require the services of IBM for mainframes, processing, and information security.
The Infosphere Data Replication Vulnerability
On September 17th, 2021 IBM released a software vulnerability report on its official IBM Support Security Bulletin portal (public CVE ID code CVE-2020-27221.) The software vulnerability relates to a JDK (Java Development Kit) vulnerability within IBM’s Infosphere Data Replication product. With a lofty CVSS score of 9.8, this particular vulnerability is very critical.
IBM Infosphere Data Replication
According to IBM, Infosphere Data Replication is “Log-based change data capture with real-time replication that provides trusted data integration and synchronization.” This product replicates the information between heterogeneous data stores. With real-time capabilities, the product benefits database migrations, warehousing, business analytics, applications, and more offering reduced costs, a centralized monitoring platform, and increased agility for business operations.
Technical Details
This high-risk vulnerability is type stack-based buffer flow. More in-depth details reveal that the issue specifically lies with Eclipse OpenJ9. This is because Eclipse contains the JDK environment which encompasses Infosphere Data Replication. It is vulnerable to a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding. By sending an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Vulnerable Versions
The vulnerable software versions of Infosphere Data Replication are as follows; InfoSphere Data Replication 11.4.0InfoSphere Data Replication 11.3.3 Operating Systems; Linux on IBM Z, Solaris, AIX, HP-UX, Linux,Windows.
Important User Information
Users should know that a patch is available for this security vulnerability, and unpatched versions of InfoSphere Data Replication should not be used. The security fixes for Infosphere Data Replication 11.4.0 can be found here, while for version 11.3.3 users should check here. Users of IBM products can also subscribe to ‘My Notifications’ to automatically receive the latest alerts like this one, on this page.