SB2026010746 - Multiple vulnerabilities in IBM InfoSphere Data Replication

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2026010746

SB2026010746 - Multiple vulnerabilities in IBM InfoSphere Data Replication

Published: January 7, 2026

Security Bulletin ID SB2026010746
Severity
High
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

High 50% Medium 25% Low 25%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Deserialization of Untrusted Data (CVE-ID: CVE-2025-27818)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data. A remote user can set the sasl.jaas.config property for connector's Kafka clients to 'com.sun.security.auth.module.LdapLoginModule' through various override properties (producer.override.sasl.jaas.config, consumer.override.sasl.jaas.config, or admin.override.sasl.jaas.config). This configuration enables the server to connect to an attacker's LDAP server and deserialize the LDAP response, potentially leading to the execution of java deserialization gadget chains on the Kafka connect server. 


2) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2025-27817)

The disclosed vulnerability allows a remote attacker to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input in Apache Kafka Client. The application accepts configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url". A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.

Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.


3) Deserialization of Untrusted Data (CVE-ID: CVE-2025-27819)

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to insecure input validation when processing serialized data. A remote attacker can pass specially crafted data to the application and perform a denial of service attack.


4) Deserialization of Untrusted Data (CVE-ID: CVE-2023-25194)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to Apache Kafka Connect performs deserialization of data retrieved from the configured LDAP server in "com.sun.security.auth.module.JndiLoginModule". A remote user ability to create/modify connectors on the server with an arbitrary Kafka client SASL JAAS config can configure the server to connect to a malicious LDAP server and execute arbitrary Java code on the system.


Remediation

Install update from vendor's website.

References