Multiple vulnerabilities in IBM Robotic Process Automation



Published: 2024-08-23
Risk Medium
Patch available YES
Number of vulnerabilities 9
CVE-ID CVE-2017-11468
CVE-2023-39318
CVE-2023-39319
CVE-2023-39323
CVE-2023-45142
CVE-2023-45283
CVE-2023-45284
CVE-2023-49568
CVE-2023-49569
CWE-ID CWE-119
CWE-79
CWE-20
CWE-400
CWE-22
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		IBM Robotic Process Automation
Server applications / Other server solutions

Robotic Process Automation for Cloud Pak
Other software / Other software solutions

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 9 vulnerabilities.

1) Memory corruption

EUVDB-ID: #VU8100

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-11468

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to insufficient restriction of amount of user-supplied content. A remote attacker can use manifest endpoint to trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 23.0.15

Robotic Process Automation for Cloud Pak: before 23.0.15

CPE2.3
External links

http://www.ibm.com/support/pages/node/7160409


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Cross-site scripting

EUVDB-ID: #VU80572

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-39318

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data within the html/template package when handling HMTL-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. A remote attacker can pass specially crafted input to the application and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 23.0.15

Robotic Process Automation for Cloud Pak: before 23.0.15

CPE2.3
External links

http://www.ibm.com/support/pages/node/7160409


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Cross-site scripting

EUVDB-ID: #VU80573

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-39319

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists within the html/template package caused by improperly applied rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. A remote attacker can pass specially crafted input to the application and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 23.0.15

Robotic Process Automation for Cloud Pak: before 23.0.15

CPE2.3
External links

http://www.ibm.com/support/pages/node/7160409


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Input validation error

EUVDB-ID: #VU81964

Risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-39323

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when processing line directives (e.g. "//line") in the code. A remote attacker can bypass restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build".

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 23.0.15

Robotic Process Automation for Cloud Pak: before 23.0.15

CPE2.3
External links

http://www.ibm.com/support/pages/node/7160409


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Resource exhaustion

EUVDB-ID: #VU83546

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-45142

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect processing of HTTP header User-Agent and HTTP method. A remote attacker can send multiple requests with long randomly generated HTTP methods or/and User agents and consume memory resources, leading to a denial of service condition.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 23.0.15

Robotic Process Automation for Cloud Pak: before 23.0.15

CPE2.3
External links

http://www.ibm.com/support/pages/node/7160409


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Input validation error

EUVDB-ID: #VU83255

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-45283

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to the path/filepath package does not recognize paths with a "??" prefix as Root Local Device path prefix. A local user can abuse such behavior and bypass implemented security restrictions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 23.0.15

Robotic Process Automation for Cloud Pak: before 23.0.15

CPE2.3
External links

http://www.ibm.com/support/pages/node/7160409


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Input validation error

EUVDB-ID: #VU83254

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-45284

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to the IsLocal() function from the path/filepath package does not correctly detect reserved device names in some cases when executed on Windows. Reserved names followed by spaces, such as "COM1 ", and reserved names "COM" and "LPT" followed by superscript 1, 2, or 3, are incorrectly reported as local. A local user can abuse such behavior and bypass implemented security restrictions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 23.0.15

Robotic Process Automation for Cloud Pak: before 23.0.15

CPE2.3
External links

http://www.ibm.com/support/pages/node/7160409


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Resource exhaustion

EUVDB-ID: #VU85582

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-49568

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when handling responses from a Git server. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 23.0.15

Robotic Process Automation for Cloud Pak: before 23.0.15

CPE2.3
External links

http://www.ibm.com/support/pages/node/7160409


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Path traversal

EUVDB-ID: #VU85583

Risk: Medium

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-49569

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can overwrite arbitrary files on the system. Applications are only affected if they are using the ChrootOS, which is the default when using "Plain" versions of Open and Clone funcs (e.g. PlainClone).

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 23.0.15

Robotic Process Automation for Cloud Pak: before 23.0.15

CPE2.3
External links

http://www.ibm.com/support/pages/node/7160409


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###