Multiple vulnerabilities in IBM Cloud Transformation Advisor
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2018-1890 CVE-2018-12549 CVE-2018-12547 CVE-2019-2422 CVE-2019-2449 CVE-2019-2426 CVE-2018-11212 |
| CWE-ID | CWE-427 CWE-20 CWE-119 CWE-200 CWE-264 CWE-369 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
IBM Cloud Transformation Advisor Server applications / Other server solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Insecure DLL loading
EUVDB-ID: #VU71638
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-1890
CWE-ID:
CWE-427 - Uncontrolled Search Path Element
Exploit availability: No
DescriptionThe vulnerability allows a local user to elevate privilege on the system.
The vulnerability exists due to IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs. A local user can trigger the vulnerability to facilitate code injection and elevate privilege on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Transformation Advisor: 1.9.6 - 1.9.7
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.7:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/957765
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU77338
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-12549
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it. A remote attacker can pass specially crafted input to the application and execute arbitrary code on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Transformation Advisor: 1.9.6 - 1.9.7
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.7:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/957765
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU77337
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-12547
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Transformation Advisor: 1.9.6 - 1.9.7
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.7:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/957765
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU17051
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-2422
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists due to unspecified flaw in Libraries component. A remote attacker can gain access to sensitive information on the system.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Transformation Advisor: 1.9.6 - 1.9.7
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.7:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/957765
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Denial of service
EUVDB-ID: #VU17052
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-2449
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition.
The weakness exists due to unspecified flaw in Deployment component. A remote attacker cause the service to crash.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Transformation Advisor: 1.9.6 - 1.9.7
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.7:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/957765
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Information disclosure
EUVDB-ID: #VU17050
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-2426
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The weakness exists due to unspecified flaw in Networking component. A remote attacker read arbitrary data.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Transformation Advisor: 1.9.6 - 1.9.7
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.7:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/957765
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Division by zero
EUVDB-ID: #VU17049
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-11212
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition.
The weakness exists due to division by zero error within the libjpeg library within the libjpeg-turbo in alloc_sarray() function of jmemmgr.c file. A remote attacker can pass a specially crafted file the to affected application and cause application to crash.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Transformation Advisor: 1.9.6 - 1.9.7
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_cloud_transformation_advisor:1.9.7:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/957765
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
