SB2023081601 - Multiple vulnerabilities in IBM Analytic Accelerator Framework for Communication Service Providers & IBM Customer and Network Analytics 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023081601

SB2023081601 - Multiple vulnerabilities in IBM Analytic Accelerator Framework for Communication Service Providers & IBM Customer and Network Analytics

Published: August 16, 2023

Security Bulletin ID SB2023081601
Severity
Medium
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Information disclosure

Breakdown by Severity

Medium 83% Low 17%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2021-28169)

The vulnerability allows a remote attacker to gain access to sensitive information..

The vulnerability exists due to a double decoding issue when parsing URI with certain characters. A remote attacker can send requests to the ConcatServlet and WelcomeFilter and view contents of protected resources within the WEB-INF directory.

Example:

/concat?/%2557EB-INF/web.xml


2) Insufficient Session Expiration (CVE-ID: CVE-2021-34428)

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to insufficient session expiration issue. If an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated.


3) Information disclosure (CVE-ID: CVE-2021-28163)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. If the ${jetty.base} directory or the ${jetty.base}/webapps directory is a symlink, the contents of the ${jetty.base}/webapps directory may be deployed as a static web application, exposing the content of the directory for download.


4) Input validation error (CVE-ID: CVE-2021-28164)

The vulnerability allows a remote attacker to gain access to sensitive informatoin.

The vulnerability exists due to insufficient validation of user-supplied input when processing special characters, passed via URI. A remote attacker can use %2e or %2e%2e segments to access protected resources within the WEB-INF directory.

Example:

http://[host]/context/%2e/WEB-INF/web.xml


5) Improper access control (CVE-ID: CVE-2021-34429)

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper input validation when processing certain characters in URI. A remote attacker can send a specially crafted HTTP request with encoded characters in URI, bypass implemented security restrictions and access content of the WEB-INF directory.


6) Resource exhaustion (CVE-ID: CVE-2021-28165)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when processing large TLS frames. A remote attacker can send specially crafted data to the server, trigger CPU high load and perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References