Multiple vulnerabilities in IBM FileNet Content Manager (FNCM) Content Based Retrieval (CBR) content indexing



Risk High
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2024-45492
CVE-2024-25269
CVE-2024-36052
CVE-2023-39743
CWE-ID CWE-190
CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software
IBM FileNet Content Manager
Client/Desktop applications / File managers, FTP clients

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Integer overflow

EUVDB-ID: #VU96899

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2024-45492

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within the nextScaffoldPart() function in xmlparse.c. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM FileNet Content Manager: before 5.5.8.0 IF009

CPE2.3 External links

http://www.ibm.com/support/pages/node/7175917


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper input validation

EUVDB-ID: #VU98630

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-25269

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the DC-Specific Component (libheif) component in Oracle Outside In Technology. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM FileNet Content Manager: before 5.5.8.0 IF009

CPE2.3 External links

http://www.ibm.com/support/pages/node/7175917


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper input validation

EUVDB-ID: #VU98631

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-36052

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the DC-Specific Component (unrar) component in Oracle Outside In Technology. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM FileNet Content Manager: before 5.5.8.0 IF009

CPE2.3 External links

http://www.ibm.com/support/pages/node/7175917


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper input validation

EUVDB-ID: #VU98638

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-39743

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Outside In Maintenance (lrzip-next) component in Oracle Outside In Technology. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM FileNet Content Manager: before 5.5.8.0 IF009

CPE2.3 External links

http://www.ibm.com/support/pages/node/7175917


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###