Multiple vulnerabilities in IBM Intelligent Operations Center
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 11 |
| CVE-ID | CVE-2023-39976 CVE-2023-40373 CVE-2023-40372 CVE-2023-30987 CVE-2023-38719 CVE-2023-38740 CVE-2023-30991 CVE-2023-38720 CVE-2023-33850 CVE-2023-40374 CVE-2023-38728 |
| CWE-ID | CWE-119 CWE-400 CWE-89 CWE-203 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
IBM Intelligent Operations Center Server applications / Other server solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 11 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU79803
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39976
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in log_blackbox.c. A remote attacker can send an overly long log message tp the application, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Intelligent Operations Center: 5.1.0 - 5.2.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.3:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7070539
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Resource exhaustion
EUVDB-ID: #VU81713
Risk: Low
CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-40373
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote user can trigger resource exhaustion and perform a denial of service (DoS) attack with a specially crafted query containing common table expressions.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Intelligent Operations Center: 5.1.0 - 5.2.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.3:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7070539
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) SQL injection
EUVDB-ID: #VU82580
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-40372
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Intelligent Operations Center: 5.1.0 - 5.2.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.3:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7070539
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Resource exhaustion
EUVDB-ID: #VU82578
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-30987
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Intelligent Operations Center: 5.1.0 - 5.2.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.3:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7070539
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Resource exhaustion
EUVDB-ID: #VU81712
Risk: Medium
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-38719
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack during database deactivation on DPF.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Intelligent Operations Center: 5.1.0 - 5.2.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.3:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7070539
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) SQL injection
EUVDB-ID: #VU82577
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-38740
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Intelligent Operations Center: 5.1.0 - 5.2.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.3:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7070539
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Resource exhaustion
EUVDB-ID: #VU81722
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-30991
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can send a specially crafted query to the application, trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Intelligent Operations Center: 5.1.0 - 5.2.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.3:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7070539
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Resource exhaustion
EUVDB-ID: #VU81723
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-38720
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote user can send a specially crafted ALTER TABLE statement, trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Intelligent Operations Center: 5.1.0 - 5.2.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.3:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7070539
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Observable discrepancy
EUVDB-ID: #VU82583
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-33850
CWE-ID:
CWE-203 - Observable discrepancy
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to timing-based side channel in the RSA Decryption implementation. A remote attacker can send an overly large number of trial messages for decryption and gain unauthorized access to sensitive information on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Intelligent Operations Center: 5.1.0 - 5.2.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.3:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7070539
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Resource exhaustion
EUVDB-ID: #VU81725
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-40374
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote user can send a specially crafted query statement, trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Intelligent Operations Center: 5.1.0 - 5.2.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.3:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7070539
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Resource exhaustion
EUVDB-ID: #VU81724
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-38728
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote user can send a specially crafted XML query statement, trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Intelligent Operations Center: 5.1.0 - 5.2.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.3:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.2.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7070539
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
