SB2025012464 - Multiple vulnerabilities in Communications Unified Assurance

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025012464

SB2025012464 - Multiple vulnerabilities in Communications Unified Assurance

Published: January 24, 2025

Security Bulletin ID SB2025012464
Severity
High
Patch available
YES
Number of vulnerabilities 11
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 18% Medium 55% Low 27%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 11 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2024-37891)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to Prox-Authorization header is not stripped during cross-origin redirects when using urllib3's proxy support with ProxyManager. A remote attacker can gain obtain proxy credentials used by the library.


2) Out-of-bounds write (CVE-ID: CVE-2024-29133)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when calling the ListDelimiterHandler.flatten(Object, int) with a cyclical object tree. A remote attacker can pass specially crafted input to the application, trigger an out-of-bounds write and execute arbitrary code on the target system.


3) Security features bypass (CVE-ID: CVE-2024-35195)

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to the session object does not verify requests after making first request with verify=False. A local administrator can bypass authentication.


4) Improper access control (CVE-ID: CVE-2024-1442)

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote user can use Grafana API to create a data source with UID set to *, and gain access to read, query, edit and delete all data sources within the organization.


5) Improper input validation (CVE-ID: CVE-2023-29408)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Core (Golang Go) component in Oracle Communications Unified Assurance. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.


6) Information disclosure (CVE-ID: CVE-2024-28849)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to credentials are shared via headers when following cross-domain redirects. A remote attacker can gain access to sensitive information.


7) Input validation error (CVE-ID: CVE-2024-47561)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input when parsing schema in Java SDK. A remote attacker can pass specially crafted schema to the application and execute arbitrary code on the system.


8) Uncontrolled Recursion (CVE-ID: CVE-2024-7254)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation when parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields. A remote attacker can pass specially crafted input to the application to create unbounded recursions and perform a denial of service (DoS) attack.


9) Resource exhaustion (CVE-ID: CVE-2024-7592)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the 'http.cookies' standard library module when parsing cookies that contained backslashes for quoted characters in the cookie value. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


10) Infinite loop (CVE-ID: CVE-2024-24786)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop when parsing data in an invalid JSON format within the protojson.Unmarshal() function. A remote attacker can consume all available system resources and cause denial of service conditions.


11) Resource exhaustion (CVE-ID: CVE-2024-47554)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when handling untrusted input passed to the org.apache.commons.io.input.XmlStreamReader class. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References