CVE-2022-38712: 
IBM WebSphere App Server vulnerability analysis and mitigation

IBM WebSphere Application Server versions 7.0, 8.0, 8.5, and 9.0 were identified with a vulnerability (CVE-2022-38712) that could allow man-in-the-middle attackers to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. The vulnerability was discovered and assigned on August 23, 2022, with IBM publishing the security bulletin on October 17, 2022 (IBM Security).

The vulnerability received a CVSS Base score of 5.9 with a vector of CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N, indicating a network-attackable vulnerability with high attack complexity, no privileges required, no user interaction needed, and potential for high impact on integrity. The vulnerability specifically affects the Web services component of the WebSphere Application Server when processing JAX-WS Web Services requests (IBM Security).

If exploited, this vulnerability could allow attackers to execute unauthorized or unwanted operations through SOAPAction spoofing attacks. The CVSS scoring indicates that while there is no impact on confidentiality or availability, there is a high potential impact on the integrity of the system (IBM Security).

IBM recommends addressing the vulnerability by applying the interim fix PH49111 or upgrading to specific fix pack levels. For version 9.0.0.0 through 9.0.5.13, users should upgrade to Fix Pack 9.0.5.14 or later. Version 8.5.0.0 through 8.5.5.22 users should upgrade to Fix Pack 8.5.5.23 or later. Version 8.0.0.0 through 8.0.0.15 users should upgrade to 8.0.0.15 and apply Interim Fix PH49111. Version 7.0.0.0 through 7.0.0.45 users should upgrade to 7.0.0.45 and apply Interim Fix PH49111. No workarounds are available for this vulnerability (IBM Security).