SB2024022724 - Multiple vulnerabilities in IBM Cloud Pak for Business Automation
Published: February 27, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 15 secuirty vulnerabilities.
1) Improper input validation (CVE-ID: CVE-2012-0881)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the UI Infrastructure (Apache Xerces2 Java Parser) component in Oracle Transportation Management. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.
2) Resource exhaustion (CVE-ID: CVE-2023-6481)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in logback receiver component. A remote attacker can send send poisoned data, trigger resource exhaustion and perform a denial of service (DoS) attack.
3) Input validation error (CVE-ID: CVE-2020-14338)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. A remote attacker can pass specially-crafted XML file to the application and manipulate the validation process in certain cases.
4) Command Injection (CVE-ID: CVE-2023-5752)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to improper input validation when installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip. A remote attacker who controls the repository can use the specified Mercurial revision to inject arbitrary configuration options to the "hg clone" call (ie "--config").
5) Input validation error (CVE-ID: CVE-2023-34055)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in Web Observations. A remote attacker can send specially crafted HTTP requests to the application and perform a denial of service (DoS) attack.
Successful exploitation of the vulnerability requires that application is using Spring MVC or Spring WebFlux and that org.springframework.boot:spring-boot-actuator is on the classpath.
6) Exposed dangerous method or function (CVE-ID: CVE-2020-10683)
The vulnerability allows a remote attacker to abuse implemented functionality.
The vulnerability exists due to dom4j allows by default external DTDs and External Entities. A remote attacker can abuse this functionality and perform XXE attack against application that uses dom4j default configuration.
7) XML Entity Expansion (CVE-ID: CVE-2017-5644)
The vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to insufficient validation of user-supplied XML input. A local user can pass a specially crafted OOXML file to the affected application and perform a denial of service attack.
8) Infinite loop (CVE-ID: CVE-2017-12626)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists due to infinite loops while parsing specially crafted WMF, EMF, MSG and macros and out of Memory exceptions while parsing specially crafted DOC, PPT and XLS. A remote attacker can cause the service to crash.
9) Infinite loop (CVE-ID: CVE-2022-23437)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop when parsing XML documents. A remote attacker can supply a specially crafted XML document, consume all available system resources and cause denial of service conditions.
10) Infinite loop (CVE-ID: CVE-2009-2625)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop. A remote attacker can send a malformed XML input to the application, consume all available system resources and cause denial of service conditions.
11) XML Entity Expansion (CVE-ID: CVE-2021-23926)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to improper input validation when processing XML data. A remote attacker can pass specially crafted XML data to the application and perform XML Entity Expansion attacks.
12) XXE attack (CVE-ID: CVE-2018-1000632)
The vulnerability allows a remote attacker to conduct XXE attack on the target system.
The vulnerability exists due to improper sanitization of elements and attribute names in XML documents. A remote attacker can trick the victim into opening a specially crafted XML document that submits malicious input, perform XXE attack and bypass security restrictions to access and modify sensitive information on the system.
13) OS Command Injection (CVE-ID: CVE-2022-48339)
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation within the hfy-istext-command() function when parsing the "file" and "srcdir" parameters, if a file name or directory name contains shell metacharacter. A remote attacker can execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
14) OS Command Injection (CVE-ID: CVE-2022-48337)
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation when parsing name of a source-code file in lib-src/etags.c. A remote attacker can trick the victim use the "etags -u *" command on the directory with attacker controlled content and execute arbitrary OS commands on the target system.
15) Deserialization of Untrusted Data (CVE-ID: CVE-2023-6378)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insecure input validation when processing serialized data in logback receiver component. A remote attacker can pass specially crafted data to the application and cause a denial of service condition on the target system.
Remediation
Install update from vendor's website.