Multiple vulnerabilities in Oracle Communications Operations Monitor
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2023-5341 CVE-2023-48795 CVE-2023-49083 CVE-2023-41056 |
| CWE-ID | CWE-416 CWE-326 CWE-476 CWE-122 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software |
Oracle Communications Operations Monitor Other software / Other software solutions |
| Vendor | Oracle |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Use-after-free
EUVDB-ID: #VU82972
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-5341
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the ReadBMPImage() function in coders/bmp.c. A remote attacker can pass a specially crafted image to the application, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Operations Monitor: 5.0 - 5.2
CPE2.3- cpe:2.3:a:oracle:oracle_communications_operations_monitor:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle_communications_operations_monitor:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle_communications_operations_monitor:5.2:*:*:*:*:*:*:*
https://www.oracle.com/security-alerts/cpuapr2024.html?3288
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Inadequate encryption strength
EUVDB-ID: #VU84537
Risk: Low
CVSSv4.0: 2.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2023-48795
CWE-ID:
CWE-326 - Inadequate Encryption Strength
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to incorrect implementation of the SSH Binary Packet Protocol (BPP), which mishandles the handshake phase and the use of sequence numbers. A remote attacker can perform MitM attack and delete the SSH2_MSG_EXT_INFO message sent before authentication starts, allowing the attacker to disable a subset of the keystroke timing obfuscation features introduced in OpenSSH 9.5.
The vulnerability was dubbed "Terrapin attack" and it affects both client and server implementations.
Install update from vendor's website.
Vulnerable software versionsOracle Communications Operations Monitor: 5.0 - 5.2
CPE2.3- cpe:2.3:a:oracle:oracle_communications_operations_monitor:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle_communications_operations_monitor:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle_communications_operations_monitor:5.2:*:*:*:*:*:*:*
https://www.oracle.com/security-alerts/cpuapr2024.html?3288
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) NULL pointer dereference
EUVDB-ID: #VU83930
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-49083
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error when calling the load_pem_pkcs7_certificates() or load_der_pkcs7_certificates() functions. A remote attacker can pass specially crafted PKCS7 blob/certificate certificate to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Operations Monitor: 5.1 - 5.2
CPE2.3- cpe:2.3:a:oracle:oracle_communications_operations_monitor:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle_communications_operations_monitor:5.2:*:*:*:*:*:*:*
https://www.oracle.com/security-alerts/cpuapr2024.html?3288
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Heap-based buffer overflow
EUVDB-ID: #VU85169
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-41056
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when resizing memory buffers. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Operations Monitor: 5.0 - 5.2
CPE2.3- cpe:2.3:a:oracle:oracle_communications_operations_monitor:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle_communications_operations_monitor:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle_communications_operations_monitor:5.2:*:*:*:*:*:*:*
https://www.oracle.com/security-alerts/cpuapr2024.html?3288
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
