Multiple vulnerabilities in IBM Tivoli Network Configuration Manager
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2024-38819 CVE-2022-22968 CVE-2024-38828 CVE-2024-38808 CVE-2024-38809 CVE-2024-47072 |
| CWE-ID | CWE-22 CWE-254 CWE-20 CWE-400 CWE-119 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. |
| Vulnerable software |
IBM Tivoli Netcool Configuration Manager Other software / Other software solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Path traversal
EUVDB-ID: #VU98796
Risk: Medium
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2024-38819
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in applications that serve static resources through the functional web frameworks WebMvc.fn or WebFlux.fn. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Tivoli Netcool Configuration Manager: 6.4.2.0 - 6.4.2.21
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7230045
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Security features bypass
EUVDB-ID: #VU62314
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2022-22968
CWE-ID:
CWE-254 - Security Features
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to patterns for disallowedFields on a DataBinder are case sensitive, which means a field is not effectively protected unless it is listed
with both upper and lower case for the first character of the field,
including upper and lower case for the first character of all nested
fields within the property path. A remote attacker can bypass implemented security restrictions by passing case sensitive data to the application.
Install update from vendor's website.
Vulnerable software versionsIBM Tivoli Netcool Configuration Manager: 6.4.2.0 - 6.4.2.21
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7230045
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Input validation error
EUVDB-ID: #VU100680
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-38828
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input passed via Spring MVC controller method with @RequestBody byte[] parameter. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Tivoli Netcool Configuration Manager: 6.4.2.0 - 6.4.2.21
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7230045
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Resource exhaustion
EUVDB-ID: #VU96019
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-38808
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when evaluating user-supplied SpEL expression. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Tivoli Netcool Configuration Manager: 6.4.2.0 - 6.4.2.21
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7230045
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU96018
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-38809
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when parsing ETags from "If-Match" or "If-None-Match" request headers. A remote attacker can send a specially crafted HTTP request to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Tivoli Netcool Configuration Manager: 6.4.2.0 - 6.4.2.21
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7230045
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer overflow
EUVDB-ID: #VU100095
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-47072
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when processing unstrusted input. A remote attacker can pass a specially crafted stream to the application, trigger a stack overflow and perform a denial of service (DoS) attack.
Successful exploitation of this vulnerability requires that XStream is configured to use the BinaryStreamDriver.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Tivoli Netcool Configuration Manager: 6.4.2.0 - 6.4.2.21
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_tivoli_netcool_configuration_manager:6.4.2.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7230045
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
