Multiple vulnerabilities in Netcool Operations Insight



Published: 2022-09-23 | Updated: 2022-11-26
Risk High
Patch available YES
Number of vulnerabilities 34
CVE-ID CVE-2021-35578
CVE-2021-37713
CVE-2021-2388
CVE-2021-2369
CVE-2021-2432
CVE-2021-35560
CVE-2021-35586
CVE-2021-35564
CVE-2021-2161
CVE-2021-35559
CVE-2021-35556
CVE-2021-35565
CVE-2021-35588
CVE-2021-41035
CVE-2021-32804
CVE-2021-2341
CVE-2021-38296
CVE-2021-44521
CVE-2022-21294
CVE-2022-21365
CVE-2022-21360
CVE-2022-21349
CVE-2022-21341
CVE-2022-21340
CVE-2022-21305
CVE-2022-21293
CVE-2020-10683
CVE-2022-21291
CVE-2022-21248
CVE-2021-38153
CVE-2021-35550
CVE-2021-37136
CVE-2021-43797
CVE-2021-37137
CWE-ID CWE-20
CWE-22
CWE-347
CWE-94
CWE-284
CWE-36
CWE-254
CWE-749
CWE-208
CWE-300
CWE-400
CWE-444
Exploitation vector Network
Public exploit Public exploit code for vulnerability #18 is available.
Vulnerable software
Subscribe
Netcool Operations Insight
Server applications / Other server solutions

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 34 vulnerabilities.

1) Improper input validation

EUVDB-ID: #VU57495

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-35578

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the JSSE component in Oracle GraalVM Enterprise Edition when processing TLS 1.3 ClientHello packets. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Path traversal

EUVDB-ID: #VU58204

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-37713

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to overwrite arbitrary files on the system.

The vulnerability exists due insufficient logic on Windows systems when extracting tar files that contained a path that was not an absolute path, but specified a drive letter different from the extraction target, such as C:some\path. If the drive letter does not match the extraction target, for example D:\extraction\dir, then the result of path.resolve(extractionDirectory, entryPath) would resolve against the current working directory on the C: drive, rather than the extraction target directory.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Improper input validation

EUVDB-ID: #VU55057

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-2388

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Improper Verification of Cryptographic Signature

EUVDB-ID: #VU55058

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-2369

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error in JAR validation implementation. A remote attacker can modify the signed JAR file in a way it will be considered as signed.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Improper input validation

EUVDB-ID: #VU55059

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-2432

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the JNDI component in Java SE. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Improper input validation

EUVDB-ID: #VU57485

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-35560

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Deployment component in Java SE. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Improper input validation

EUVDB-ID: #VU57489

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-35586

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the ImageIO component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Improper input validation

EUVDB-ID: #VU57490

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-35564

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Keytool component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Code Injection

EUVDB-ID: #VU52448

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-2161

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation in the java.lang.ProcessBuilder API on the Windows platform. A remote attacker can manipulate the Process command line and execute arbitrary code on the target system.


Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) Improper input validation

EUVDB-ID: #VU57492

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-35559

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Swing component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) Improper input validation

EUVDB-ID: #VU57491

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-35556

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Swing component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) Improper input validation

EUVDB-ID: #VU57494

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-35565

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the JSSE component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) Improper input validation

EUVDB-ID: #VU57497

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-35588

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) Improper access control

EUVDB-ID: #VU60083

Risk: High

CVSSv3.1:

CVE-ID: CVE-2021-41035

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. The JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. A remote attacker can send a request to a non-public method and gain unauthorized access to the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

15) Absolute Path Traversal

EUVDB-ID: #VU58205

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-32804

CWE-ID: CWE-36 - Absolute Path Traversal

Exploit availability: No

Description

The vulnerability allows a remote attacker to overwrite arbitrary files on the system.

The vulnerability exists due to a logic issue when file paths contained repeated path roots such as ////home/user/.bashrc. node-tar would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. ///home/user/.bashrc) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

16) Improper input validation

EUVDB-ID: #VU55060

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-2341

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Networking component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

17) Improper input validation

EUVDB-ID: #VU65470

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-38296

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Studio (Apache Spark) component in Oracle Financial Services Crime and Compliance Management Studio. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

18) Security features bypass

EUVDB-ID: #VU60551

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-44521

CWE-ID: CWE-254 - Security Features

Exploit availability: Yes

Description

The vulnerability allows a remote user to execute arbitrary code on the system.

The vulnerability exists due to insecure configuration that allows arbitrary code execution if the following settings are applied:

enable_user_defined_functions: true
enable_scripted_user_defined_functions: true
enable_user_defined_functions_threads: false

Note, such configuration is considered insecure and as not default.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

19) Improper input validation

EUVDB-ID: #VU59731

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-21294

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

20) Improper input validation

EUVDB-ID: #VU59723

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-21365

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the ImageIO component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

21) Improper input validation

EUVDB-ID: #VU59722

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-21360

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the ImageIO component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

22) Improper input validation

EUVDB-ID: #VU59718

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-21349

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the 2D component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

23) Improper input validation

EUVDB-ID: #VU59733

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-21341

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Serialization component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

24) Improper input validation

EUVDB-ID: #VU59732

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-21340

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

25) Improper input validation

EUVDB-ID: #VU59720

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-21305

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

26) Improper input validation

EUVDB-ID: #VU59730

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-21293

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

27) Exposed dangerous method or function

EUVDB-ID: #VU28238

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-10683

CWE-ID: CWE-749 - Exposed Dangerous Method or Function

Exploit availability: No

Description

The vulnerability allows a remote attacker to abuse implemented functionality.

The vulnerability exists due to dom4j allows by default external DTDs and External Entities. A remote attacker can abuse this functionality and perform XXE attack against application that uses dom4j default configuration.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

28) Improper input validation

EUVDB-ID: #VU59719

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-21291

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Hotspot component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

29) Improper input validation

EUVDB-ID: #VU59734

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-21248

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Serialization component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

30) Information Exposure Through Timing Discrepancy

EUVDB-ID: #VU56790

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-38153

CWE-ID: CWE-208 - Information Exposure Through Timing Discrepancy

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

the vulnerability exists due to some components in Apache Kafka use "Arrays.equals" to validate a password or key, which is vulnerable to timing attacks. A local user can abuse the "Arrays.equals" to brute force access credentials and escalate privileges on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

31) Man-in-the-Middle (MitM) attack

EUVDB-ID: #VU57487

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-35550

CWE-ID: CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to the JSSE component in Oracle GraalVM Enterprise Edition offers cipher suites in the wrong way, which causes weaker cipher suites to be offered ahead of the strong ones. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

32) Resource exhaustion

EUVDB-ID: #VU63127

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-37136

CWE-ID: CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in Bzip2 decompression decoder function. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

33) Inconsistent interpretation of HTTP requests

EUVDB-ID: #VU61810

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-43797

CWE-ID: CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

Exploit availability: No

Description

The vulnerability allows a remote attacker to preform HTTP request smuggling attacks.

The vulnerability exists due to improper validation of HTTP requests when processing control chars present at the beginning / end of the header name. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.

Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

34) Improper input validation

EUVDB-ID: #VU59924

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-37137

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Content Acquisition System (Netty) component in Oracle Commerce Guided Search. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Netcool Operations Insight: 1.4 - 1.6.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-netcool-operations-insight-v1-6-5-contains-fixes-for-multiple-security-vulnerabilities/
http://www.ibm.com/support/pages/node/6616545

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###