Multiple vulnerabilities in IBM Analytics Content Hub
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2022-41946 CVE-2022-31197 CVE-2020-1945 CVE-2023-33201 CVE-2023-4586 CVE-2022-26336 CVE-2021-37533 |
| CWE-ID | CWE-276 CWE-89 CWE-90 CWE-295 CWE-399 CWE-345 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Analytics Content Hub Other software / Other software solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Incorrect default permissions
EUVDB-ID: #VU69545
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-41946
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to application stores files with sensitive information in system's temporary directory. A local user can read the files and gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsAnalytics Content Hub: 2.0 - 2.1
CPE2.3- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7096531
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) SQL injection
EUVDB-ID: #VU66747
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-31197
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data within the java.sql.ResultRow.refreshRow() method when processing column names. A remote attacker can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database using the statement terminator, e.g." ;".
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
MitigationInstall update from vendor's website.
Vulnerable software versionsAnalytics Content Hub: 2.0 - 2.1
CPE2.3- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7096531
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Incorrect default permissions
EUVDB-ID: #VU27924
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1945
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to Apache Ant is using a default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process. A local user with access to the system can view contents of files and directories or modify them.
MitigationInstall update from vendor's website.
Vulnerable software versionsAnalytics Content Hub: 2.0 - 2.1
CPE2.3- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7096531
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) LDAP injection
EUVDB-ID: #VU78328
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-33201
CWE-ID:
CWE-90 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to improper input validation in applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability. A remote non-authenticated attacker can use a specially crafted X.509 certificate to bypass authentication process and gain unauthorized access to the application.
MitigationInstall update from vendor's website.
Vulnerable software versionsAnalytics Content Hub: 2.0 - 2.1
CPE2.3- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7096531
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper Certificate Validation
EUVDB-ID: #VU84031
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-4586
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to the Hot Rod client does not enable hostname validation when using TLS. A remote attacker can perform MitM attack.
Install update from vendor's website.
Vulnerable software versionsAnalytics Content Hub: 2.0 - 2.1
CPE2.3- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7096531
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Resource management error
EUVDB-ID: #VU61043
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-26336
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the HMEF package. A remote attacker can pass specially crafted TNEF file to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsAnalytics Content Hub: 2.0 - 2.1
CPE2.3- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7096531
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Insufficient verification of data authenticity
EUVDB-ID: #VU70441
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-37533
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows an attacker to redirect victim to a malicious host.
The vulnerability exists due to the application trusts the host from PASV response by default. A remote attacker can trick the victim into connecting to an attacker controlled FTP server and then redirect the application to another host.
Install update from vendor's website.
Vulnerable software versionsAnalytics Content Hub: 2.0 - 2.1
CPE2.3- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:analytics_content_hub:2.1:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7096531
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
