ClevOS update for IBM Cloud Object Storage Systems



Published: 2022-09-20 | Updated: 2022-11-03
Risk High
Patch available YES
Number of vulnerabilities 36
CVE-ID CVE-2020-36180
CVE-2020-10878
CVE-2020-10543
CVE-2020-36185
CVE-2020-36181
CVE-2020-36189
CVE-2020-36188
CVE-2020-36184
CVE-2020-36183
CVE-2020-26116
CVE-2020-36179
CVE-2020-36187
CVE-2020-36186
CVE-2020-36182
CVE-2021-20190
CVE-2019-2974
CVE-2021-22876
CVE-2020-12723
CVE-2021-3156
CVE-2021-3516
CVE-2021-31618
CVE-2021-26690
CVE-2021-30641
CVE-2020-35452
CVE-2020-25649
CVE-2021-3518
CVE-2020-10769
CVE-2020-8231
CVE-2020-1927
CVE-2020-1934
CVE-2020-8284
CVE-2020-8286
CVE-2020-8285
CVE-2020-14393
CVE-2021-33910
CVE-2020-26691
CWE-ID CWE-502
CWE-190
CWE-93
CWE-125
CWE-200
CWE-119
CWE-122
CWE-416
CWE-476
CWE-20
CWE-121
CWE-611
CWE-825
CWE-601
CWE-457
CWE-299
CWE-674
CWE-787
CWE-789
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Public exploit code for vulnerability #7 is available.
Public exploit code for vulnerability #8 is available.
Vulnerability #19 is being exploited in the wild.
Public exploit code for vulnerability #35 is available.
Vulnerable software
Subscribe
ClevOS
Operating systems & Components / Operating system

Vendor Clevo

Security Bulletin

This security bulletin contains information about 36 vulnerabilities.

1) Deserialization of Untrusted Data

EUVDB-ID: #VU49369

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-36180

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Integer overflow

EUVDB-ID: #VU29015

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-10878

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A remote attacker can use a specially crafted regular expression, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Integer overflow

EUVDB-ID: #VU29014

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-10543

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in nested regular expression quantifiers. A remote attacker can pass specially crafted data to the application, trigger integer overflow, leading to heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Deserialization of Untrusted Data

EUVDB-ID: #VU49374

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-36185

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Deserialization of Untrusted Data

EUVDB-ID: #VU49372

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-36181

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Deserialization of Untrusted Data

EUVDB-ID: #VU49377

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-36189

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Deserialization of Untrusted Data

EUVDB-ID: #VU49367

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-36188

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Deserialization of Untrusted Data

EUVDB-ID: #VU49373

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-36184

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Deserialization of Untrusted Data

EUVDB-ID: #VU49371

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-36183

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) CRLF injection

EUVDB-ID: #VU48592

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-26116

CWE-ID: CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to inject arbitrary data in server response.

The vulnerability exists due to insufficient validation of attacker-supplied data in "http.client". A remote attacker can pass specially crafted data to the application containing CR-LF characters and modify application behavior.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) Deserialization of Untrusted Data

EUVDB-ID: #VU49368

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-36179

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) Deserialization of Untrusted Data

EUVDB-ID: #VU49376

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-36187

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) Deserialization of Untrusted Data

EUVDB-ID: #VU49375

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-36186

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) Deserialization of Untrusted Data

EUVDB-ID: #VU49370

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-36182

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

15) Deserialization of Untrusted Data

EUVDB-ID: #VU49967

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-20190

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

16) Improper input validation

EUVDB-ID: #VU28706

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-2974

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote authenticated user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Server: Optimizer component in MySQL Server. A remote authenticated user can exploit this vulnerability to perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

17) Information disclosure

EUVDB-ID: #VU51821

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-22876

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

18) Buffer overflow

EUVDB-ID: #VU29016

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-12723

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) áttack.

The vulnerability exists due to a boundary error within the recursive "S_study_chunk" calls. A remote attacker can use a specially crafted regular expression , trigger memory corruption and cause a denial of service condition on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

19) Heap-based buffer overflow

EUVDB-ID: #VU50040

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-3156

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in sudo. A local user can pass specially crafted data to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system with root privileges.


Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

20) Use-after-free

EUVDB-ID: #VU54222

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-3516

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in xmllint. A remote attacker can use a specially crafted file to execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

21) NULL pointer dereference

EUVDB-ID: #VU53773

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-31618

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in mod_http2 in Apache HTTP server. A remote attacker can send specially crafted request to the server and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

22) NULL pointer dereference

EUVDB-ID: #VU53777

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-26690

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in mod_session. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

23) Input validation error

EUVDB-ID: #VU53774

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-30641

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to incorrect parsing of Apache configuration files. An unexpected section could be matched with 'MergeSlashes OFF' option, leading to a potential security issue.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

24) Stack-based buffer overflow

EUVDB-ID: #VU53775

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-35452

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing Digest nounces in mod_auth_digest. A remote unauthenticated attacker can send a specially crafted HTTP request, trigger stack overflow by one nul byte and crash the server.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

25) XML External Entity injection

EUVDB-ID: #VU48979

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-25649

CWE-ID: CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')

Exploit availability: No

Description

The vulnerability allows a remote attacker to modify information on the system.

The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can pass a specially crafted XML code to the affected application and modify information on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

26) Use-after-free

EUVDB-ID: #VU54225

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-3518

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in libxml2. A remote attacker can use a specially crafted file and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

27) Out-of-bounds read

EUVDB-ID: #VU50427

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-10769

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the crypto_authenc_extractkeys() function in crypto/authenc.c in the IPsec Cryptographic algorithm's module "authenc". A local low-privileged user can run a specially crafted program to trigger an out-of-bounds read error and crash the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

28) Expired pointer dereference

EUVDB-ID: #VU45794

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-8231

CWE-ID: CWE-825 - Expired pointer dereference

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to sensitive information.

The vulnerability exists due to expired pointer dereference error for CURLOPT_CONNECT_ONLY connections that may lead to information disclosure. If the application is using the CURLOPT_CONNECT_ONLY option to check if the website is accessible, an attacker might abuse this feature and force the application to re-use expired connection and send data intended to another connection to attacker controlled server.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

29) Open redirect

EUVDB-ID: #VU26527

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-1927

CWE-ID: CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Exploit availability: No

Description

The vulnerability allows a remote attacker to redirect victims to arbitrary URL.

The vulnerability exists due to improper sanitization of user-supplied data in some "mod_rewrite" configurations. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.

Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

30) Use of Uninitialized Variable

EUVDB-ID: #VU26528

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-1934

CWE-ID: CWE-457 - Use of Uninitialized Variable

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to the "mod_proxy_ftp" may use uninitialized memory when proxying to a malicious FTP server. A remote attacker can gain unauthorized access to sensitive information on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

31) Information disclosure

EUVDB-ID: #VU48893

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-8284

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the way cURL handles PASV responses. A remote attacker with control over malicious FTP server can use the PASV response to trick curl into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

32) Improper Check for Certificate Revocation

EUVDB-ID: #VU48895

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-8286

CWE-ID: CWE-299 - Improper Check for Certificate Revocation

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to incorrectly implemented checks for OCSP stapling. A remote attacker can provide a fraudulent OCSP response that would appear fine, instead of the real one.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

33) Uncontrolled Recursion

EUVDB-ID: #VU48894

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-8285

CWE-ID: CWE-674 - Uncontrolled Recursion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due tu uncontrolled recursion when processing FTP responses within the wildcard matching functionality, which allows a callback (set with <a href="https://curl.se/libcurl/c/CURLOPT_CHUNK_BGN_FUNCTION.html">CURLOPT_CHUNK_BGN_FUNCTION</a>) to return information back to libcurl on how to handle a specific entry in a directory when libcurl iterates over a list of all available entries. A remote attacker who controls the malicious FTP server can trick the victim to connect to it and crash the application, which is using the affected libcurl version.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

34) Out-of-bounds write

EUVDB-ID: #VU46974

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-14393

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local authenticated user to #BASIC_IMPACT#.

A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

35) Uncontrolled Memory Allocation

EUVDB-ID: #VU55034

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-33910

CWE-ID: CWE-789 - Uncontrolled Memory Allocation

Exploit availability: Yes

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to stack exhaustion within the basic/unit-name.c in systemd. A local user can crash the systemd (PID 1) and cause a kernel panic.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

36) Buffer overflow

EUVDB-ID: #VU67487

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-26691

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a boundary error in Apache httpd mod_session. A remote attacker can pass a specially crafted file, trigger memory corruption and perform a denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ClevOS: All versions


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-systems-sept-2021-v1/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###