Full Report
IBM security advisory (AV26-597)
Analysis Summary
# Vulnerability: Multiple Vulnerabilities in IBM Product Suite (AV26-597)
## CVE Details
*Note: This security bulletin (AV26-597) acts as a consolidated advisory covering multiple CVEs across the IBM ecosystem. Individual CVSS scores vary by product.*
- **CVE ID:** Multiple (Refer to individual IBM advisories for specific CVE-YYYY-XXXXX)
- **CVSS Score:** Up to 10.0 (Critical)
- **CWE:** Varies (Includes Injection, Broken Access Control, and Software/Configuration errors)
## Affected Systems
- **Products & Versions:**
- **IBM Aspera Shares:** 1.9.9 to 1.11.2
- **IBM Cloud Pak for Data System (CPDS):** 1.0.0.0 to 1.0.10.0
- **IBM DevOps/Rational ClearCase:** 9.1, 10.0.0, and 11.0
- **IBM Rational ClearQuest:** 9.1 to 9.1.0.11; 10.0 to 10.0.10
- **IBM WebSphere Application Server & Liberty:** Multiple versions including Liberty 17.0.0.3 to 26.0.0.5
- **IBM watsonx Orchestrate:** Versions spanning 4.8.4 to 5.3.2
- **IBM Guardium Key Lifecycle Manager:** 4.1
- **IBM Tivoli Monitoring:** 6.3.0.7 to 6.3.0.7 SP 22
- **IBM Software Support App (iOS/Android):** 4.0.0 to 4.0.1
- **Other affected products:** Automation Decision Services, Event Processing, Instana (OnPrem), SPSS Collaboration, and IBM i.
## Vulnerability Description
The advisory covers a wide range of security flaws discovered between June 8 and June 14, 2026. The technical nature of these flaws includes critical remote code execution (RCE) risks, unauthorized data access, and privilege escalation vulnerabilities resulting from outdated components or improper input validation within the listed IBM enterprise software suites.
## Exploitation
- **Status:** Vulnerabilities are patched; exploitation status varies by specific CVE (Check IBM PSIRT for active "in the wild" flags).
- **Complexity:** Low to High (Dependent on specific product)
- **Attack Vector:** Primarily Network (Remote)
## Impact
- **Confidentiality:** High (Potential for full data exfiltration)
- **Integrity:** High (Potential for unauthorized system modification)
- **Availability:** High (Potential for complete service disruption)
## Remediation
### Patches
IBM has released updates for the affected products. General remediation involves upgrading to the following versions or later:
- **Aspera Shares:** Upgrade beyond 1.11.2.
- **WebSphere Liberty:** Upgrade to version 26.0.0.6 or higher.
- **Rational ClearQuest/ClearCase:** Apply the latest fix packs for versions 10.x and 11.x.
- **Mobile Apps:** Update IBM Software Support App to the latest version via the Apple App Store or Google Play Store.
### Workarounds
Specific workarounds (such as disabling vulnerable features or restricting IP access) are managed on a per-product basis via the IBM Support portal. However, immediate patching is the recommended course of action for critical-rated flaws.
## Detection
- **Indicators of Compromise:** Monitor for unusual administrative logins, unauthorized file transfers in Aspera, or unexpected process executions in WebSphere environments.
- **Detection methods:** Utilize vulnerability scanners updated with the latest June 2026 plugin sets to identify unpatched IBM middleware and applications.
## References
- **Vendor Advisory:** hxxps[://]www[.]ibm[.]com/support/pages/bulletin/
- **Original Advisory:** hxxps[://]www[.]cyber[.]gc[.]ca/en/alerts-advisories/ibm-security-advisory-av26-597