Multiple vulnerabilities in IBM Cloud Pak for AIOps
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 64 |
| CVE-ID | CVE-2018-1002101 CVE-2016-2193 CVE-2024-10978 CVE-2024-8185 CVE-2024-54133 CVE-2024-45490 CVE-2024-10220 CVE-2024-46695 CVE-2024-49949 CVE-2024-50099 CVE-2024-50110 CVE-2024-50142 CVE-2024-50192 CVE-2024-7006 CVE-2021-3903 CVE-2024-4603 CVE-2023-2728 CVE-2024-53986 CVE-2024-53861 CVE-2024-53989 CVE-2024-53985 CVE-2024-53987 CVE-2024-53988 CVE-2024-21005 CVE-2024-21536 CVE-2024-21003 CVE-2024-9902 CVE-2024-10979 CVE-2024-38564 CVE-2024-5321 CVE-2024-4032 CVE-2024-10976 CVE-2023-2727 CVE-2021-25741 CVE-2024-27043 CVE-2024-7594 CVE-2024-9180 CVE-2024-47874 CVE-2024-53122 CVE-2024-24789 CVE-2024-28863 CVE-2024-3177 CVE-2024-39338 CVE-2024-6923 CVE-2021-25743 CVE-2019-11253 CVE-2020-8558 CVE-2023-3676 CVE-2021-25736 CVE-2019-1002101 CVE-2021-25735 CVE-2020-8565 CVE-2020-8564 CVE-2020-8559 CVE-2020-8555 CVE-2019-11250 CVE-2019-1002100 CVE-2023-3955 CVE-2024-26461 CVE-2024-26458 CVE-2024-26462 CVE-2024-6468 CVE-2024-0793 CVE-2023-5528 |
| CWE-ID | CWE-20 CWE-254 CWE-266 CWE-400 CWE-79 CWE-124 CWE-667 CWE-476 CWE-401 CWE-399 CWE-122 CWE-264 CWE-697 CWE-388 CWE-863 CWE-285 CWE-276 CWE-684 CWE-269 CWE-416 CWE-287 CWE-369 CWE-918 CWE-77 CWE-420 CWE-693 CWE-59 CWE-532 CWE-256 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #7 is available. Public exploit code for vulnerability #17 is available. Public exploit code for vulnerability #34 is available. Public exploit code for vulnerability #41 is available. Public exploit code for vulnerability #51 is available. Public exploit code for vulnerability #54 is available. |
| Vulnerable software |
IBM Cloud Pak for Watson AIOps Other software / Other software solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 64 vulnerabilities.
1) Command-line argument injection attack
EUVDB-ID: #VU16340
Risk: High
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Amber]
CVE-ID: CVE-2018-1002101
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to conduct a command-line argument injection attack on a targeted system.
The vulnerability exists due to improper handling user-supplied input when Server Message Block (SMB) volumes are mounted on Windows nodes. A remote authenticated attacker can send specially crafted input to a targeted system while setting up an SMB volume mount, conduct a command-line argument injection attack, which the attacker could use to execute arbitrary code or access or modify sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Security Features
EUVDB-ID: #VU40402
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2016-2193
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
PostgreSQL before 9.5.x before 9.5.2 does not properly maintain row-security status in cached plans, which might allow attackers to bypass intended access restrictions by leveraging a session that performs queries as more than one role.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Incorrect privilege assignment
EUVDB-ID: #VU100513
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-10978
CWE-ID:
CWE-266 - Incorrect Privilege Assignment
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges within the application.
The vulnerability exists due to incorrect privilege assignment when application uses SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. A remote user can force the application to reset their role to a wrong user ID and view or change different rows from those intended.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Resource exhaustion
EUVDB-ID: #VU99577
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-8185
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in the Raft cluster join API endpoint. A remote attacker can send multiple HTTP requests to the affected API endpoint and consume all available memory resources.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Cross-site scripting
EUVDB-ID: #VU103958
Risk: Low
CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-54133
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists in the `content_security_policy` helper. Applications which set Content-Security-Policy (CSP) headers dynamically from untrusted user input may be vulnerable to carefully crafted inputs being able to inject new directives into the CSP. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer Underwrite ('Buffer Underflow')
EUVDB-ID: #VU96897
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-45490
CWE-ID:
CWE-124 - Buffer Underwrite ('Buffer Underflow')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a boundary error in xmlparse.c when handling negative length for XML_ParseBuffer. A remote attacker can pass specially crafted input to the application, trigger buffer underflow and execute arbitrary code on the system.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Input validation error
EUVDB-ID: #VU101778
Risk: Medium
CVSSv4.0: 8.4 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:P/U:Green]
CVE-ID: CVE-2024-10220
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote user to execute arbitrary commands on the system.
The vulnerability exists due to an error when handling gitRepo volumes. A remote user with the ability to create a pod and associate a gitRepo volume can execute arbitrary commands beyond the container boundary.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
8) Improper locking
EUVDB-ID: #VU97268
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46695
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the smack_inode_notifysecctx() function in security/smack/smack_lsm.c, within the selinux_inode_notifysecctx() function in security/selinux/hooks.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) NULL pointer dereference
EUVDB-ID: #VU98952
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-49949
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qdisc_pkt_len_init() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper locking
EUVDB-ID: #VU99824
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50099
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the arm_probe_decode_insn() and arm_kprobe_decode_insn() functions in arch/arm64/kernel/probes/decode-insn.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Memory leak
EUVDB-ID: #VU99801
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50110
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the copy_to_user_auth() function in net/xfrm/xfrm_user.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Input validation error
EUVDB-ID: #VU100081
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50142
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the verify_newsa_info() function in net/xfrm/xfrm_user.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Resource management error
EUVDB-ID: #VU100144
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50192
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the its_build_vmapp_cmd(), its_vpe_set_affinity() and its_vpe_init() functions in drivers/irqchip/irq-gic-v3-its.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) NULL pointer dereference
EUVDB-ID: #VU96001
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-7006
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in tif_dirinfo.c. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Heap-based buffer overflow
EUVDB-ID: #VU63060
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-3903
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Resource management error
EUVDB-ID: #VU89624
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-4603
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the application when checking DSA keys and parameters. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU77526
Risk: Medium
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2023-2728
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to improperly imposed security restrictions. A remote user can launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers.Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with ephemeral containers.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
18) Cross-site scripting
EUVDB-ID: #VU101270
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53986
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Incorrect Comparison
EUVDB-ID: #VU103946
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53861
CWE-ID:
CWE-697 - Incorrect Comparison
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to modify data on the system.
The vulnerability exists due to an incorrect string comparison being run for `iss` checking, resulting in `"acb"` being accepted for `"_abc_"`. A remote attacker can trigger incorrect comparisons and modify data on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Cross-site scripting
EUVDB-ID: #VU101274
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53989
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Cross-site scripting
EUVDB-ID: #VU101267
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53985
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Cross-site scripting
EUVDB-ID: #VU101268
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53987
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Cross-site scripting
EUVDB-ID: #VU101273
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53988
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Improper input validation
EUVDB-ID: #VU88671
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-21005
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the JavaFX component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Improper error handling
EUVDB-ID: #VU101027
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-21536
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an UnhandledPromiseRejection error thrown by micromatch. A remote non-authenticated attacker can send specially crafted request to the application and crash the Node.js process.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Improper input validation
EUVDB-ID: #VU88670
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-21003
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the JavaFX component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Incorrect authorization
EUVDB-ID: #VU100998
Risk: Low
CVSSv4.0: 4.2 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-9902
CWE-ID:
CWE-863 - Incorrect Authorization
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an error within the ansible-core `user` module. A local user can silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user's home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Improper authorization
EUVDB-ID: #VU100514
Risk: High
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-10979
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote user to compromise the affected system.
The vulnerability exists due to incorrect control of environment variables. A remote unprivileged database user can change sensitive process environment variables (e.g. PATH) and execute arbitrary code on the database server.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU93849
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38564
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass certain security restrictions.
The vulnerability exists due to improper checks within with bpf_prog_attach_check_attach_type() function in kernel/bpf/syscall.c. A local user can bypass certain security restrictions.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Incorrect default permissions
EUVDB-ID: #VU96953
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-5321
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information or alter container logs
The vulnerability exists due to incorrect default permissions in Kubernetes clusters with Windows nodes. A local user with access to the system can view and modify contents of the container logs.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Incorrect provision of specified functionality
EUVDB-ID: #VU95157
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-4032
CWE-ID:
CWE-684 - Incorrect Provision of Specified Functionality
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists within the "ipaddress" module that contains incorrect information and private and public IP addresses for IPv4 and IPv6 protocols. This affects the is_private and is_global properties of the
ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and
ipaddress.IPv6Network classes. A remote attacker can bypass implemented security restrictions based on IP addresses or perform other actions, depending on the application's capabilities.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Improper privilege management
EUVDB-ID: #VU100511
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-10976
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to improper privilege management in cases where a subquery, WITH query, security invoker view, or SQL-language function references a table with a row-level security policy. A remote user can bypass implemented security restrictions and gain unauthorized access to the database in cases where role-specific policies are used and a given query is planned under one role and then executed under other roles.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU77525
Risk: Medium
CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-2727
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to improperly imposed security restrictions. A remote user can launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers.
Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Security restrictions bypass
EUVDB-ID: #VU56902
Risk: Medium
CVSSv4.0: 7.4 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2021-25741
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to application does not properly impose security restrictions by allowing hostPath-like access without use of the hostPath feature. A remote user can create a container with subpath volume mounts to access files and directories outside of the volume, including on the host filesystem.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
35) Use-after-free
EUVDB-ID: #VU90178
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27043
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dvb_register_device() function in drivers/media/dvb-core/dvbdev.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Improper authentication
EUVDB-ID: #VU97751
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-7594
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. If the valid_principals and default_user fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to authenticate as any user on the host.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU98425
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-9180
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges within the application.
The vulnerability exists due to the mishandling of entries in Vault’s in-memory entity cache. A remote privileged Vault operator can manipulate their cached entity record through the identity API endpoint on a Vault node, potentially escalating their privileges to Vault’s root policy on this node.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Resource exhaustion
EUVDB-ID: #VU98820
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-47874
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application treats multipart/form-data parts without a filename as text form fields and buffers those in byte strings with no size limit. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Division by zero
EUVDB-ID: #VU101111
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53122
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the mptcp_rcv_space_adjust() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Input validation error
EUVDB-ID: #VU91159
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-24789
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to manipulate data.
The vulnerability exists due to insufficient validation of user-supplied input in archive/zip when handling zip archives. A remote attacker can create a zip file with content that will vary depending on the implementation reading the file.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Resource exhaustion
EUVDB-ID: #VU87734
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2024-28863
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources while parsing a tar file. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
42) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU88934
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-3177
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due to improper access restrictions. A remote user can launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated.
Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Server-Side Request Forgery (SSRF)
EUVDB-ID: #VU96050
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-39338
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Command Injection
EUVDB-ID: #VU95571
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-6923
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to insufficient validation of newlines for email headers when
serializing an email message. A remote attacker can inject arbitrary headers into serialized email messages.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Input validation error
EUVDB-ID: #VU79792
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-25743
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Resource exhaustion
EUVDB-ID: #VU22824
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-11253
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation when processing YAML or JSON data in Kubernetes API server. A remote attacker can pass a malicious file to the API server and consume excessive memory and CPU resources, leading to a denial of service (DoS) attack.
Note, this vulnerability can be exploited by a remote non-authenticated attacker in Kubernetes versions prior to 1.14.0 due to default RBAC policy.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Unprotected Alternate Channel
EUVDB-ID: #VU103955
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-8558
CWE-ID:
CWE-420 - Unprotected Alternate Channel
Exploit availability: No
DescriptionThe vulnerability allows an adjacent attacker to reach TCP and UDP services.
The vulnerability exists due to application does not properly control consumption of internal resources. An adjacent attacker can reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Input validation error
EUVDB-ID: #VU80006
Risk: Medium
CVSSv4.0: 5.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-3676
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on Windows nodes.
The
vulnerability exists due to improper input validation. A remote
user with ability to create pods on Windows nodes can obtain
administrative privileges on these nodes.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Protection Mechanism Failure
EUVDB-ID: #VU54339
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-25736
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient implementation of security measures in the Windows kube-proxy component. In a cloud environment that does not set the “.status.loadBalancer.ingress.ip” field in the LoadBalancer service status configuration (for example in AWS) the packets can be misrouted and reach an unintended destination. An attacker can bypass implemented security restrictions and perform MitM attack.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Link following
EUVDB-ID: #VU31128
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-1002101
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a local non-authenticated attacker to manipulate data.
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Input validation error
EUVDB-ID: #VU56245
Risk: Medium
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2021-25735
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in kube-apiserver that could allow Node updates to bypass a Validating Admission Webhook. An authenticated user could exploit this by modifying Node properties to values that should have been prevented by registered admission webhooks.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
52) Inclusion of Sensitive Information in Log Files
EUVDB-ID: #VU64820
Risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-8565
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to authorization and bearer tokens will be written to log files if the logging level is set to at least 9. A local user can read the log files and gain access to sensitive data.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) Inclusion of Sensitive Information in Log Files
EUVDB-ID: #VU48977
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-8564
CWE-ID:
CWE-532 - Information Exposure Through Log Files
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to software stores sensitive information into log files. In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. A local user can read the log files and gain access to sensitive data.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU34130
Risk: Medium
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:P/U:Green]
CVE-ID: CVE-2020-8559
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a remote privileged user to execute arbitrary code.
The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
55) Server-Side Request Forgery (SSRF)
EUVDB-ID: #VU30267
Risk: Medium
CVSSv4.0: 2.3 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-8555
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to gain access to sensitive information.
The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services).
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Unprotected storage of credentials
EUVDB-ID: #VU23636
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-11250
CWE-ID:
CWE-256 - Unprotected Storage of Credentials
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to other users' credentials.
The vulnerability exists due Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components (such as kube-apiserver) prior to v1.16.0, which make use of basic or bearer token authentication, and run at high verbosity levels, are affected. A local user can view contents of the configuration file and gain access to passwords for 3rd party integration.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Resource exhaustion
EUVDB-ID: #VU31127
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-1002100
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.
In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" (e.g. `kubectl patch --type json` or `"Content-Type: application/json-patch+json"`) that consumes excessive resources while processing, causing a Denial of Service on the API Server.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Input validation error
EUVDB-ID: #VU80008
Risk: Medium
CVSSv4.0: 5.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-3955
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on Windows nodes.
The vulnerability exists due to improper input validation. A remote user with ability to create pods on Windows nodes can obtain administrative privileges on these nodes. MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) Memory leak
EUVDB-ID: #VU88226
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-26461
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak in /krb5/src/lib/gssapi/krb5/k5sealv3.c. A remote attacker can force the application to leak memory and perform denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) Memory leak
EUVDB-ID: #VU88225
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-26458
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak in /krb5/src/lib/rpc/pmap_rmt.c. A remote attacker can perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Memory leak
EUVDB-ID: #VU95441
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-26462
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak in /krb5/src/kdc/ndr.c. A remote attacker can force the application to leak memory and perform denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) Input validation error
EUVDB-ID: #VU94177
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-6468
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of requests originating from unauthorized IP addresses when the TCP listener option, proxy_protocol_behavior, was set to deny_unauthorized. When receiving a request from a source IP address that was not listed in proxy_protocol_authorized_addrs, the Vault API server would shut down and no longer respond to any HTTP requests, potentially resulting in denial of service.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) Improper locking
EUVDB-ID: #VU87652
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-0793
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack (DoS).
The vulnerability exists due to improper locking when handling a malformed HPA v1 manifest in kube-controller-manager. A local user can perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU83309
Risk: Medium
CVSSv4.0: 5.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-5528
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to improper access restrictions. A remote user with ability to create pods and persistent volumes on Windows nodes can obtain admin privileges on those nodes.
The vulnerability affects Kubernetes clusters only, if they are using an in-tree storage plugin for Windows nodes.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Watson AIOps: before 4.8.1
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7183012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
