Multiple vulnerabilities in Oracle Communications Cloud Native Core Network Repository Function
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2024-28182 CVE-2024-29857 CVE-2024-5971 CVE-2023-46136 CVE-2024-43044 CVE-2024-37371 |
| CWE-ID | CWE-20 CWE-400 CWE-407 CWE-284 CWE-125 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #5 is available. |
| Vulnerable software Subscribe |
Oracle Communications Cloud Native Core Network Repository Function Server applications / Other server solutions |
| Vendor | Oracle |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU88144
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-28182
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to reading the unbounded number of HTTP/2 CONTINUATION frames. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Cloud Native Core Network Repository Function: 23.4.4 - 24.2.1
CPE2.3- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:
- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:
http://www.oracle.com/security-alerts/cpuoct2024.html?947626
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Resource exhaustion
EUVDB-ID: #VU89218
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-29857
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to library does not properly control consumption of internal resources when importing an EC certificate with specially crafted F2m parameters. A remote attacker can pass a specially crafted certificate to the application to trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Cloud Native Core Network Repository Function: 23.4.4 - 24.2.1
CPE2.3- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:
- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:
http://www.oracle.com/security-alerts/cpuoct2024.html?947626
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Resource exhaustion
EUVDB-ID: #VU96052
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-5971
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to response writes hand when using Java 17 TLSv1.3 NewSessionTicket. A remote attacker can perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsOracle Communications Cloud Native Core Network Repository Function: 23.4.4 - 24.2.1
CPE2.3- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:
- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:
http://www.oracle.com/security-alerts/cpuoct2024.html?947626
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Inefficient Algorithmic Complexity
EUVDB-ID: #VU82548
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-46136
CWE-ID:
CWE-407 - Inefficient Algorithmic Complexity
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to high resource usage when parsing multipart/form-data. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Cloud Native Core Network Repository Function: 23.4.4 - 24.2.1
CPE2.3- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:
- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:
http://www.oracle.com/security-alerts/cpuoct2024.html?947626
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper access control
EUVDB-ID: #VU95780
Risk: High
CVSSv3.1: 8.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2024-43044
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions within the "ClassLoaderProxy#fetchJar" method in the Remoting library. A remote attacker can read arbitrary files on the Jenkins controller file system, leading to arbitrary code execution.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Cloud Native Core Network Repository Function: 23.4.4 - 24.2.1
CPE2.3- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:
- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:
http://www.oracle.com/security-alerts/cpuoct2024.html?947626
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
6) Out-of-bounds read
EUVDB-ID: #VU93519
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-37371
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when handling GSS message token. A remote attacker can send specially crafted token to the application, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsOracle Communications Cloud Native Core Network Repository Function: 23.4.4 - 24.2.1
CPE2.3- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:
- cpe:2.3:a:oracle:oracle_communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:
http://www.oracle.com/security-alerts/cpuoct2024.html?947626
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
