Multiple vulnerabilities in IBM PureData System for Operational Analytics



Published: 2022-07-21 | Updated: 2022-10-22
Risk High
Patch available YES
Number of vulnerabilities 27
CVE-ID CVE-2019-10086
CVE-2017-12974
CVE-2014-0193
CVE-2015-2156
CVE-2014-3488
CVE-2019-0201
CVE-2017-18640
CVE-2019-17195
CVE-2019-16869
CVE-2019-12402
CVE-2019-17571
CVE-2019-10172
CVE-2019-10202
CVE-2014-0114
CVE-2017-12973
CVE-2019-9518
CVE-2019-9515
CVE-2019-9514
CVE-2019-9512
CVE-2009-0001
CVE-2016-2402
CVE-2018-8009
CVE-2018-10237
CVE-2018-11771
CVE-2017-5637
CVE-2018-8012
CVE-2017-12972
CWE-ID CWE-693
CWE-310
CWE-399
CWE-20
CWE-119
CWE-284
CWE-444
CWE-502
CWE-611
CWE-470
CWE-400
CWE-122
CWE-300
CWE-22
CWE-789
CWE-287
CWE-190
Exploitation vector Network
Public exploit Vulnerability #14 is being exploited in the wild.
Vulnerable software
Subscribe
IBM PureData System for Operational Analytics
Server applications / Other server solutions

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 27 vulnerabilities.

1) Protection mechanism failure

EUVDB-ID: #VU20844

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-10086

CWE-ID: CWE-693 - Protection Mechanism Failure

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exist due to Beanutils is not using by default the a special BeanIntrospector class in PropertyUtilsBean that was supposed to suppress the ability for an attacker to access the classloader via the class property available on all Java objects. A remote attacker can abuse such application behavior against applications that were developed to rely on this security feature.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Cryptographic issues

EUVDB-ID: #VU24177

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2017-12974

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to conduct a padding oracle attack.

The vulnerability exists due to Nimbus JOSE+JWT proceeds with ECKey construction without ensuring that the public x and y coordinates are on the specified curve. A remote attacker can conduct an Invalid Curve Attack in environments where the JCE provider lacks the applicable curve validation.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Resource management error

EUVDB-ID: #VU41720

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2014-0193

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Input validation error

EUVDB-ID: #VU38060

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2015-2156

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Buffer overflow

EUVDB-ID: #VU41436

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2014-3488

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Improper access control

EUVDB-ID: #VU18668

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-0201

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to sensitive information.

The vulnerability exists due to improper access restrictions when "getACL()" command doesn’t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string. A remote attacker can gain READ permissions to list ACL.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Improper input validation

EUVDB-ID: #VU52578

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2017-18640

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Application Server (SnakeYAML) component in PeopleSoft Enterprise PT PeopleTools. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Input validation error

EUVDB-ID: #VU24168

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-17195

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to Nimbus JOSE+JWT throws various uncaught exceptions while parsing a JWT. A remote attacker can send a specially crafted JWT token and cause the application to crash or potentially bypass authentication.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Inconsistent interpretation of HTTP requests

EUVDB-ID: #VU22825

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-16869

CWE-ID: CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform HTTP request smuggling attack.

The vulnerability exists due to improper input validation when processing a whitespace before the colon in HTTP headers (e.g. "Transfer-Encoding : chunked"). A remote attacker can send a specially crafted HTTP request and perform HTTP request smuggling attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) Resource management error

EUVDB-ID: #VU22185

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-12402

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the file name encoding algorithm can get into an infinite loop when faced with specially crafted inputs. A remote attacker can choose the file names inside of an archive created by Compress and cause a denial of service condition on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) Deserialization of Untrusted Data

EUVDB-ID: #VU27960

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-17571

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data within the SocketServer class in Log4j. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system,  if these is a deserialization gadget listening to untrusted network traffic for log data.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) XML External Entity injection

EUVDB-ID: #VU65655

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-10172

CWE-ID: CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can pass a specially crafted XML code to the affected application and view contents of arbitrary files on the system or initiate requests to external systems.

Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) Input validation error

EUVDB-ID: #VU21470

Risk: High

CVSSv3.1:

CVE-ID: CVE-2019-10202

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to incorrect implementation of patch for Codehaus 1.9.x against insufficient data deserialization present in FasterXML jackson-databind. A remote attacker can bypass implemented protection measures and exploit known deserialization vulnerabilities in jackson-databind package.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) Unsafe reflection

EUVDB-ID: #VU65653

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2014-0114

CWE-ID: CWE-470 - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to Apache Commons BeanUtils does not suppress the class property. A remote unauthenticated attacker can manipulate the ClassLoader and execute arbitrary code via the class parameter

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

15) Cryptographic issues

EUVDB-ID: #VU24176

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2017-12973

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to conduct a padding oracle attack.

the vulnerability exists due to improper validation of HMAC in authenticated AES-CBC decryption in Nimbus JOSE+JWT. A remote attacker can conduct a padding oracle attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

16) Resource exhaustion

EUVDB-ID: #VU20199

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-9518

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper validation of user-supplied input within the HTTP.sys driver when processing HTTP/2 requests. A remote attacker can send specially crafted HTTP packets to the affected system trigger resource exhaustion and perform a denial of service (DoS) attack.


Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

17) Resource management error

EUVDB-ID: #VU20337

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-9515

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error in HTTP/2 implementation when processing SETTINGS frames. A remote attacker can send a huge amount of  SETTINGS frames to the peer and consume excessive CPU and memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

18) Resource exhaustion

EUVDB-ID: #VU20201

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-9514

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper validation of user-supplied input when processing HTTP/2 requests. A remote attacker can send specially crafted HTTP packets to the affected system trigger resource exhaustion and perform a denial of service (DoS) attack.


Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

19) Resource exhaustion

EUVDB-ID: #VU20200

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-9512

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper validation of user-supplied input when processing HTTP/2 requests. A remote attacker can send specially crafted HTTP packets to the affected system trigger resource exhaustion and perform a denial of service (DoS) attack.


Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

20) Heap-based buffer overflow

EUVDB-ID: #VU65651

Risk: High

CVSSv3.1:

CVE-ID: CVE-2009-0001

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in Heap-based buffer overflow in Apple QuickTime. A remote attacker can use a crafted RTSP URL to trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

21) Man-in-the-Middle (MitM) attack

EUVDB-ID: #VU65650

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2016-2402

CWE-ID: CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to an unspecified error. A remote attacker can send a certificate chain with a certificate from a non-pinned trusted CA and the pinned certificate to bypass certificate pinning.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

22) Path traversal

EUVDB-ID: #VU15972

Risk: High

CVSSv3.1:

CVE-ID: CVE-2018-8009

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to conduct a directory traversal attack on the target system.

The vulnerability exists due to improper validation of files inside an archive file. A remote unauthenticated attacker can trick the victim into extracting a zip file that contains files that use directory traversal characters, cause a malicious file to be created outside the current working directory and cause a denial of service (DoS) condition or execute arbitrary code by overwriting other files on the system.

Successful exploitation of the vulnerability may result in system compromise.

Note: the vulnerability has been dubbed "Zip Slip".

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

23) Uncontrolled memory allocation

EUVDB-ID: #VU12886

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-10237

CWE-ID: CWE-789 - Uncontrolled Memory Allocation

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to unbounded memory allocation. A remote attacker can cause the service to crash and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

24) Improper input validation

EUVDB-ID: #VU14441

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-11771

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to an error when processing malicious input. A remote attacker can trick the victim into processing a specially crafted ZIP archive with 'java.io.InputStreamReader', trigger an error in detecting the end of the file and cause the service to crash.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

25) Improper access control

EUVDB-ID: #VU6876

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2017-5637

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to improper access constrictions to wchp/wchc service. A local user can consume all available CPU resource and perform denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

26) Improper authentication

EUVDB-ID: #VU12913

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-8012

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication and write arbitrary files on the target system.

The weakness exists due to missing authentication to join a quorum. A remote attacker can bypass authentication, join the cluster and propagate changes to the cluster leader.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

27) Integer overflow

EUVDB-ID: #VU24175

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2017-12972

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists due to integer overflow when converting length values from bytes to bits in Nimbus JOSE+JWT. A remote attacker can shift Additional Authenticated Data (AAD) and ciphertext so that different plaintext is obtained for the same HMAC, trigger integer overflow and bypass HMAC authentication.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM PureData System for Operational Analytics: 1.1


CPE2.3 External links

http://www.ibm.com/support/pages/node/6605881

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###