Multiple vulnerabilities in Oracle Communications Cloud Native Core Security Edge Protection Proxy
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2024-28182 CVE-2023-2953 CVE-2023-46136 CVE-2024-31744 CVE-2024-43044 CVE-2024-37371 |
| CWE-ID | CWE-20 CWE-476 CWE-407 CWE-617 CWE-284 CWE-125 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #5 is available. |
| Vulnerable software Subscribe |
Oracle Communications Cloud Native Core Security Edge Protection Proxy Server applications / DLP, anti-spam, sniffers |
| Vendor | Oracle |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU88144
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-28182
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to reading the unbounded number of HTTP/2 CONTINUATION frames. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Cloud Native Core Security Edge Protection Proxy: 23.4.2 - 24.2.0
CPE2.3- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:
- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:
http://www.oracle.com/security-alerts/cpuoct2024.html?936686
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) NULL pointer dereference
EUVDB-ID: #VU77252
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2953
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the ber_memalloc_x() function. A remote attacker can send specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Cloud Native Core Security Edge Protection Proxy: 23.4.2 - 24.2.0
CPE2.3- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:
- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:
http://www.oracle.com/security-alerts/cpuoct2024.html?936686
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Inefficient Algorithmic Complexity
EUVDB-ID: #VU82548
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-46136
CWE-ID:
CWE-407 - Inefficient Algorithmic Complexity
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to high resource usage when parsing multipart/form-data. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Cloud Native Core Security Edge Protection Proxy: 23.4.2 - 24.2.0
CPE2.3- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:
- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:
http://www.oracle.com/security-alerts/cpuoct2024.html?936686
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Reachable assertion
EUVDB-ID: #VU98599
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-31744
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion within the jpc_streamlist_remove() function in src/libjasper/jpc/jpc_dec.c. A remote attacker can pass a specially crafted image to the application and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsOracle Communications Cloud Native Core Security Edge Protection Proxy: 23.4.2 - 24.2.0
CPE2.3- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:
- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:
http://www.oracle.com/security-alerts/cpuoct2024.html?936686
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper access control
EUVDB-ID: #VU95780
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2024-43044
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions within the "ClassLoaderProxy#fetchJar" method in the Remoting library. A remote attacker can read arbitrary files on the Jenkins controller file system, leading to arbitrary code execution.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Cloud Native Core Security Edge Protection Proxy: 23.4.2 - 24.2.0
CPE2.3- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:
- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:
http://www.oracle.com/security-alerts/cpuoct2024.html?936686
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
6) Out-of-bounds read
EUVDB-ID: #VU93519
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-37371
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when handling GSS message token. A remote attacker can send specially crafted token to the application, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Cloud Native Core Security Edge Protection Proxy: 23.4.2 - 24.2.0
CPE2.3- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:
- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:
http://www.oracle.com/security-alerts/cpuoct2024.html?936686
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
