SB2024120610 - Multiple vulnerabilities in IBM Cognos Controller
Published: December 6, 2024 Updated: December 6, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 84 secuirty vulnerabilities.
1) Improper Certificate Validation (CVE-ID: CVE-2021-44533)
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to improper validation of certificate subject and issuer fields. A remote attacker can create a certificate with specially crafted multi-value Relative Distinguished Names and perform spoofing attack.
2) XML External Entity injection (CVE-ID: CVE-2024-22354)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can pass a specially crafted XML code to the affected application and view contents of arbitrary files on the system or initiate requests to external systems.
Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.
3) Inclusion of Sensitive Information in Log Files (CVE-ID: CVE-2023-44483)
The vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due to software stores sensitive information into log files when using the JSR 105 API. A remote user can obtain a private key when generating an XML Signature with debug level enabled.
4) Arbitrary file upload (CVE-ID: CVE-2024-25020)
The vulnerability allows a remote user to compromise vulnerable system.
The vulnerability exists due to application allows unrestricted filetype attachments in the Journal entry page. A remote user can upload malicious executable files into the system and can be sent to victims for performing further attacks.
5) Improper Certificate Validation (CVE-ID: CVE-2021-44531)
The vulnerability allows a remote attacker to perform spoofing attack.
The
vulnerability exists due to insufficient validation of URI Subject
Alternative Names. Node.js accepts arbitrary Subject Alternative Name
(SAN) types, unless a PKI
is specifically defined to use a particular SAN type. A remote attacker
can bypass name-constrained intermediates and perform spoofing attack.
6) Out-of-bounds read (CVE-ID: CVE-2021-22918)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in uv__idna_toascii() function in libuv, which is used to convert strings to ASCII. A remote attacker can force the application to resolve a specially crafted hostname, trigger an out-of-bounds read error and gain access to sensitive information or perform a denial of service (DoS) attack.
7) Incorrect default permissions (CVE-ID: CVE-2021-22921)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists in Windows installer due to incorrect default permissions for files and folders that are set by the application. A local user with access to the system can view contents of files and directories or modify them.
8) Cross-site request forgery (CVE-ID: CVE-2024-41776)
The vulnerability allows a remote attacker to perform cross-site request forgery attacks.
The vulnerability exists due to insufficient validation of the HTTP request origin. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website.
9) Resource exhaustion (CVE-ID: CVE-2023-51775)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion via large p2c (aka PBES2 Count) value and perform a denial of service (DoS) attack.
10) Use of hard-coded credentials (CVE-ID: CVE-2024-41777)
The vulnerability allows a remote attacker to gain full access to vulnerable system.
The vulnerability exists due to IBM Cognos Controller contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. A remote unauthenticated attacker can access the affected system using the hard-coded credentials.
11) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2021-22960)
The vulnerability allows a remote attacker to preform HTTP request smuggling attacks.
The vulnerability exists due to improper validation of HTTP requests, where the application ignores chunk extensions when parsing the body of chunked requests. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
12) Segmentation fault (CVE-ID: CVE-2023-5676)
The vulnerability allows a local privileged user to perform a denial of service (DoS) attack.
The vulnerability exists due to JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing. A local privileged user can pass specially crafted input to the application and perform a denial of service (DoS) attack.
13) Improper input validation (CVE-ID: CVE-2023-22067)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the CORBA component in Oracle Java SE. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
14) Improper input validation (CVE-ID: CVE-2023-22081)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The vulnerability exists due to improper input validation within the JSSE component in Oracle GraalVM for JDK. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.
15) Improper input validation (CVE-ID: CVE-2023-21843)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Sound component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
16) Improper input validation (CVE-ID: CVE-2023-21830)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Serialization component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
17) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2024-21634)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due in `ion-java` for applications that use `ion-java` to deserialize Ion text encoded data, or deserialize Ion text or binary encoded data into the `IonValue` model and then invoke certain `IonValue` methods on that in-memory representation. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
18) Improper Certificate Validation (CVE-ID: CVE-2021-22939)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to incomplete validation of rejectUnauthorized parameter. A remote attacker can cause the connections to servers with an expired certificate would have been accepted.
19) Use-after-free (CVE-ID: CVE-2021-22930)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing HTTP/2 stream canceling requests. A remote attacker can send a specially crafted HTTP/2 request, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
20) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2024-41775)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to IBM Cognos Controller uses weaker than expected cryptographic algorithms. A remote attacker can gain unauthorized access to sensitive information on the system.
21) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2024-22329)
The disclosed vulnerability allows a remote attacker to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
22) Prototype pollution (CVE-ID: CVE-2022-21824)
The vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to the formatting logic of the console.table() function. A remote attacker can send a specially crafted request and assign an empty string to numerical keys of the object prototype.
23) Insecure DLL loading (CVE-ID: CVE-2022-32223)
The vulnerability allows a local attacker to elevate privileges on the system
The vulnerability exists due to DLL search order hijacking of providers.dll. A local attacker can place a specially crafted .dll file and elevate privileges on the system
24) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2021-22959)
The vulnerability allows a remote attacker to preform HTTP request smuggling attacks.
The vulnerability exists due to improper validation of HTTP requests, where the application accepts requests with a space right after the header name before the colon. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
25) Path traversal (CVE-ID: CVE-2021-29425)
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error within the FileNameUtils.normalize method when processing directory traversal sequences, such as "//../foo", or "\..foo". A remote attacker can send a specially crafted request and verify files availability in the parent folder.
26) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2023-24998)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to Apache Commons FileUpload does not limit the number of request parts. A remote attacker can initiate a series of uploads and perform a denial of service (DoS) attack.
27) Improper validation of certificate with host mismatch (CVE-ID: CVE-2021-44532)
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to improper validation of certificates, when converting SANs (Subject Alternative Names) to a string format. A remote attacker can inject special characters into the string and perform spoofing attack.
28) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2022-32215)
The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.
The vulnerability exists due to llhttp parser in the http module does not correctly handle multi-line Transfer-Encoding headers. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
29) Security features bypass (CVE-ID: CVE-2022-32222)
The vulnerability allows a remote attacker to bypass security restrictions
The vulnerability exists due to Node.js after start on linux based systems attempts to read /home/iojs/build/ws/out/Release/obj.target/deps/openssl/openssl.cnf, which ordinarily doesn't exist. A remote unauthenticated attacker can attemp to read openssl.cnf from /home/iojs/build/ upon startup to create this file and affect the default OpenSSL configuration for other users.
30) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2022-32214)
The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.
The vulnerability exists due to llhttp parser in the http module does not strictly use the CRLF sequence to delimit HTTP requests. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
31) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2022-32213)
The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.
The vulnerability exists due to improper validation of HTTP requests. A remote attacker can send a specially-crafted request to lead to HTTP Request Smuggling to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
32) Improper input validation (CVE-ID: CVE-2024-21094)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
33) Improper Check or Handling of Exceptional Conditions (CVE-ID: CVE-2022-32212)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to IsIPAddress does not properly checks if an IP address is invalid or not. A remote unauthenticated attacker can exploit this vulnerability to bypass the IsAllowedHost check and execute arbitrary code on the system.
34) Improper input validation (CVE-ID: CVE-2023-22049)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM for JDK. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
35) Improper input validation (CVE-ID: CVE-2023-22045)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM for JDK. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
36) Observable discrepancy (CVE-ID: CVE-2024-30171)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a possible timing based leakage in RSA based handshakes. A remote attacker can gain access to sensitive information.
37) Resource exhaustion (CVE-ID: CVE-2024-29857)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to library does not properly control consumption of internal resources when importing an EC certificate with specially crafted F2m parameters. A remote attacker can pass a specially crafted certificate to the application to trigger resource exhaustion and perform a denial of service (DoS) attack.
38) Infinite loop (CVE-ID: CVE-2024-30172)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop in the Ed25519 verification code. A remote attacker can pass a specially signature and public key to the application, consume all available system resources and cause denial of service conditions.
39) Resource exhaustion (CVE-ID: CVE-2023-38264)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
40) Improper input validation (CVE-ID: CVE-2024-21011)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.
41) Improper input validation (CVE-ID: CVE-2024-21085)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The vulnerability exists due to improper input validation within the Concurrency component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.
42) Use-after-free (CVE-ID: CVE-2021-22940)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error. A remote attacker can change process behavior.
43) Insufficient Type Distinction (CVE-ID: CVE-2024-45676)
The vulnerability allows a remote user to upload insecure files.
The vulnerability exists due to insufficient file type distinction. A remote user can trigger the vulnerability to upload insecure files.
44) Resource exhaustion (CVE-ID: CVE-2024-25026)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when handling HTTP requests. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
45) Cross-site scripting (CVE-ID: CVE-2024-27270)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
46) Open redirect (CVE-ID: CVE-2023-26159)
The vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data within the url.parse() function. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
47) Information disclosure (CVE-ID: CVE-2022-0536)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker can gain unauthorized access to sensitive information on the system.
48) Information disclosure (CVE-ID: CVE-2024-28849)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to credentials are shared via headers when following cross-domain redirects. A remote attacker can gain access to sensitive information.
49) Information disclosure (CVE-ID: CVE-2022-0155)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker can gain unauthorized access to sensitive information on the system.
50) Arbitrary file upload (CVE-ID: CVE-2024-40691)
The vulnerability allows a remote user to compromise vulnerable system.
The vulnerability exists due the application does not validate the content of the file uploaded to the web interface. A remote user can upload malicious executable files into the system, and it can be sent to victim for performing further attacks.
51) Arbitrary file upload (CVE-ID: CVE-2024-25019)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due the application does not validate the type of file uploaded to Journal entry attachments. A remote attacker can upload malicious executable files into the system that can be sent to victims for performing further attacks.
52) Improper input validation (CVE-ID: CVE-2021-22931)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the Cluster: General (Node.js) component in MySQL Cluster. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.
53) Cleartext transmission of sensitive information (CVE-ID: CVE-2021-29892)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to failure to properly enable HTTP Strict Transport Security. A remote attacker with ability to obtain sensitive information using man in the middle techniques.
54) Improper input validation (CVE-ID: CVE-2023-21930)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the JSSE component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.
55) Resource management error (CVE-ID: CVE-2023-23919)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to in some cases Node.js does does not clear the OpenSSL error stack after operations that may set it. A remote attacker can trigger false positive errors during subsequent cryptographic operations on the same thread and perform a denial of service (DoS) attack.
56) HTTP response splitting (CVE-ID: CVE-2023-23936)
The vulnerability allows a remote attacker to perform HTTP splitting attacks.
The vulnerability exists due to software does not correctly process CRLF character sequences when handling HTTP "Host" header. A remote attacker can send specially crafted request containing CRLF sequence and make the application to send a split HTTP response.
Successful exploitation of the vulnerability may allow an attacker perform cache poisoning attack.
57) Incorrect Regular Expression (CVE-ID: CVE-2023-24807)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when user-supplied input within the `Headers.set()` and `Headers.append()` methods. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
58) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-23920)
The vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due to application insecurely loads ICU data through ICU_DATA environment variable with elevated privileges. A remote user can gain access to potentially sensitive information.
59) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-23918)
The vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to improperly imposed security restrictions within the process.mainModule.require() method. A remote user can access non authorized modules.
60) Infinite loop (CVE-ID: CVE-2024-25710)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop when processing a corrupt DUMP file. A remote attacker can consume all available system resources and cause denial of service conditions.
61) Resource exhaustion (CVE-ID: CVE-2024-26308)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of memory when unpacking a broken Pack200 file. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
62) Information disclosure (CVE-ID: CVE-2024-25035)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker can gain unauthorized access to sensitive information of the application environment.
63) Improper input validation (CVE-ID: CVE-2023-21967)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the JSSE component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.
64) Authentication bypass using an alternate path or channel (CVE-ID: CVE-2024-25036)
The vulnerability allows a remote user to bypass security restrictions.
The vulnerability exists due to an alternate path or channel in the application. An authenticated user with local access can bypass security restrictions allowing users to circumvent restrictions imposed on input fields.
65) Resource exhaustion (CVE-ID: CVE-2024-27268)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
66) Resource exhaustion (CVE-ID: CVE-2024-22353)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
67) Observable discrepancy (CVE-ID: CVE-2023-33850)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to timing-based side channel in the RSA Decryption implementation. A remote attacker can send an overly large number of trial messages for decryption and gain unauthorized access to sensitive information on the system.
68) Improper input validation (CVE-ID: CVE-2024-20945)
The vulnerability allows a local authenticated user to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Security component in Oracle GraalVM Enterprise Edition. A local authenticated user can exploit this vulnerability to gain access to sensitive information.
69) Improper input validation (CVE-ID: CVE-2024-20926)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Scripting component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
70) Improper input validation (CVE-ID: CVE-2024-20919)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
71) Improper input validation (CVE-ID: CVE-2024-20921)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
72) Improper input validation (CVE-ID: CVE-2024-20918)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.
73) Improper input validation (CVE-ID: CVE-2024-20952)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Security component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.
74) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2023-50312)
The vulnerability allows an adjacent attacker to gain access to potentially sensitive information.
The vulnerability exists due to weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. An adjacent attacker can gain unauthorized access to sensitive information on the system.
75) Improper input validation (CVE-ID: CVE-2023-21954)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
76) Use of insufficiently random values (CVE-ID: CVE-2022-35255)
The vulnerability allows a remote attacker to decrypt sensitive information.
The vulnerability exists due to usage of weak randomness in WebCrypto keygen within the SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. A remote attacker can decrypt sensitive information.
77) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2022-35256)
The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.
The vulnerability exists due to improper validation of HTTP requests. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
78) Input validation error (CVE-ID: CVE-2023-38737)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted HTTP request to the server and perform a denial of service (DoS) attack.
79) Resource exhaustion (CVE-ID: CVE-2023-44487)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improperly control of consumption for internal resources when handling HTTP/2 requests with compressed HEADERS frames. A remote attacker can send a sequence of compressed HEADERS frames followed by RST_STREAM frames and perform a denial of service (DoS) attack, a.k.a. "Rapid Reset".
Note, the vulnerability is being actively exploited in the wild.
80) Out-of-bounds read (CVE-ID: CVE-2023-2597)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.
81) Improper input validation (CVE-ID: CVE-2023-21938)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
82) Improper input validation (CVE-ID: CVE-2023-21937)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Networking component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
83) Improper input validation (CVE-ID: CVE-2023-21968)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
84) Improper input validation (CVE-ID: CVE-2023-21939)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Swing component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
Remediation
Install update from vendor's website.