Multiple Vulnerabilities in IBM Cloud Pak for Multicloud Management
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2021-23994 CVE-2021-23998 CVE-2021-23999 CVE-2021-29946 |
| CWE-ID | CWE-787 CWE-277 CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
IBM Cloud Pak for Multicloud Management Client/Desktop applications / Software for system administration |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Out-of-bounds write
EUVDB-ID: #VU52333
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-23994
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input within the WebGL framebuffer. A remote attacker can create a specially crafted web page, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Multicloud Management: 2.3.0 - 2.3.20
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-pak-for-multicloud-management-monitoring-has-applied-security-fixes-for-its-use-of-mozilla-firefox/
http://www.ibm.com/support/pages/node/6520784
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Insecure Inherited Permissions
EUVDB-ID: #VU52337
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-23998
CWE-ID:
CWE-277 - Insecure inherited permissions
Exploit availability: No
Descriptionthe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to the way HTTP pages inherit a secure lock icon, when navigating from an HTTP page. A remote attacker can create a specially crafted webpage that through a series of complicated navigation will force the browser to display a secure lock icon on an unencrypted HTTP page.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Multicloud Management: 2.3.0 - 2.3.20
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-pak-for-multicloud-management-monitoring-has-applied-security-fixes-for-its-use-of-mozilla-firefox/
http://www.ibm.com/support/pages/node/6520784
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Insecure Inherited Permissions
EUVDB-ID: #VU52338
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-23999
CWE-ID:
CWE-277 - Insecure inherited permissions
Exploit availability: No
Descriptionthe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to the way Firefox handles Blob URLs. If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Multicloud Management: 2.3.0 - 2.3.20
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-pak-for-multicloud-management-monitoring-has-applied-security-fixes-for-its-use-of-mozilla-firefox/
http://www.ibm.com/support/pages/node/6520784
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU52346
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-29946
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of user-supplied input. Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Multicloud Management: 2.3.0 - 2.3.20
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-pak-for-multicloud-management-monitoring-has-applied-security-fixes-for-its-use-of-mozilla-firefox/
http://www.ibm.com/support/pages/node/6520784
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
