SB2024060719 - Multiple vulnerabilities in IBM App Connect Enterprise Certified Container

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024060719

SB2024060719 - Multiple vulnerabilities in IBM App Connect Enterprise Certified Container

Published: June 7, 2024

Security Bulletin ID SB2024060719
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 13
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 46% Low 54%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 13 vulnerabilities.


1) Improper input validation (CVE-ID: CVE-2024-21085)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Concurrency component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.


2) Input validation error (CVE-ID: CVE-2024-28835)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when parsing the cert_list_size parameter in the gnutls_x509_trust_list_verify_crt2() function in certtool. A remote attacker can pass specially crafted PEM encoded certificate chain that contains more than 16 certificates to the certtool and crash it.


3) Cryptographic issues (CVE-ID: CVE-2024-28834)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to a side-channel attack when using the gnutls_privkey_sign_data2 API function with the "GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE" flag. A remote attacker can launch Minerva attack and gain access to sensitive information.


4) Reachable Assertion (CVE-ID: CVE-2024-27983)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when handling HTTP/2 packets. A remote attacker can send a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside and perform a denial of service (DoS) attack.


5) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2024-27982)

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to improper validation of HTTP requests. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.

Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.


6) Out-of-bounds read (CVE-ID: CVE-2024-25629)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the ares__read_line() function when parsing local configuration files, such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, or `HOSTALIASES` file. A local user can insert a NULL character as the first character in a new line into one of the configuration files and crash the application.


7) Improper input validation (CVE-ID: CVE-2024-21094)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.


8) Improper input validation (CVE-ID: CVE-2024-21068)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.


9) Improper input validation (CVE-ID: CVE-2024-21012)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Networking component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.


10) Improper input validation (CVE-ID: CVE-2024-21011)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.


11) Input validation error (CVE-ID: CVE-2023-50495)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the _nc_wrap_entry() function. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.


12) Out-of-bounds read (CVE-ID: CVE-2023-48161)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the DumpSCreen2RGB() function in gif2rgb.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.


13) Out-of-bounds read (CVE-ID: CVE-2022-48554)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the file_copystr() function in funcs.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and crash the application.


Remediation

Install update from vendor's website.

References