Multiple vulnerabilities in IBM Application Performance Management



Published: 2022-11-16
Risk High
Patch available YES
Number of vulnerabilities 33
CVE-ID CVE-2022-34472
CVE-2022-1802
CVE-2022-2505
CVE-2022-34484
CVE-2022-29909
CVE-2022-38472
CVE-2022-36319
CVE-2022-31742
CVE-2022-34468
CVE-2022-31741
CVE-2022-2200
CVE-2022-31737
CVE-2022-36318
CVE-2022-29916
CVE-2022-31736
CVE-2022-36314
CVE-2022-31740
CVE-2022-1529
CVE-2022-34470
CVE-2022-29912
CVE-2022-38473
CVE-2022-29914
CVE-2022-38476
CVE-2022-38477
CVE-2022-29911
CVE-2022-34479
CVE-2022-29917
CVE-2022-31739
CVE-2022-34481
CVE-2022-38478
CVE-2022-34478
CVE-2022-31738
CVE-2022-31747
CWE-ID CWE-388
CWE-94
CWE-119
CWE-264
CWE-451
CWE-200
CWE-254
CWE-457
CWE-787
CWE-79
CWE-668
CWE-20
CWE-416
CWE-357
CWE-1021
CWE-22
CWE-190
CWE-939
Exploitation vector Network
Public exploit Public exploit code for vulnerability #2 is available.
Vulnerable software
Subscribe
IBM Cloud Application Performance Management (APM)
Server applications / Other server solutions

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 33 vulnerabilities.

1) Error Handling

EUVDB-ID: #VU64760

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34472

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a remote attacker to influence browser behavior.

The vulnerability exists due to improper error handling when processing unavailable PAC file. If a PAC URL is set and the server that hosts the PAC is unreachable, OCSP requests are blocked, resulting in incorrect error pages being shown.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Code Injection

EUVDB-ID: #VU63501

Risk: High

CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-1802

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to prototype pollution in Top-Level Await implementation. A remote attacker can trick the victim to visit a specially crafted website, corrupt the methods of an Array object in JavaScript via prototype pollution and execute arbitrary JavaScript code in a privileged context.

Successful exploitation of the vulnerability may allow an attacker to compromise the affected system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

3) Buffer overflow

EUVDB-ID: #VU65796

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2505

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Buffer overflow

EUVDB-ID: #VU64763

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34484

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU62757

Risk: High

CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-29909

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due improper management of permissions within the application. Documents in deeply-nested cross-origin browsing contexts can obtain permissions granted to the top-level origin. A remote attacker can create a web page that bypasses the existing browser prompt and wrongfully inherits the top-level permissions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Spoofing attack

EUVDB-ID: #VU66719

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-38472

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of XSLT errors. A remote attacker can spoof the address bar and trick the user into submitting data intended for the spoofed origin.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Spoofing attack

EUVDB-ID: #VU65793

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-36319

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error, related to mouse pointer positioning when combining CSS properties for overflow and transform. A remote attacker can trick the victim into interacting with mouse cursor with different coordinates than displayed.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Information disclosure

EUVDB-ID: #VU63878

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31742

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to an error when handling a large number of allowCredential entries. A remote attacker can trick the victim to visit a specially crafted website, launch a timing attack and detect the difference between invalid key handles and cross-origin key handles. Successful exploitation of the vulnerability can lead to cross-origin account linking in violation of WebAuthn goals.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Security features bypass

EUVDB-ID: #VU64752

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34468

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to improper handling of the CSP sandbox header without "allow-scripts" option. A remote attacker use an iframe to bypass implemented CSP restriction and execute scripts if the user clicks on a javascript: link.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Use of Uninitialized Variable

EUVDB-ID: #VU63877

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31741

CWE-ID: CWE-457 - Use of Uninitialized Variable

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted webpage, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Code Injection

EUVDB-ID: #VU64762

Risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2200

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary JavaScript code.

The vulnerability exists due to improper input validation when handling JavaScript attributes. A remote attacker can pass undesired attributes to JavaScript object and perform prototype pollution and execute arbitrary JavaScript code in the browser.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Out-of-bounds write

EUVDB-ID: #VU63873

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31737

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error in WebGL when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Cross-site scripting

EUVDB-ID: #VU65795

Risk: Medium

CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-36318

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data when visiting directory listings for chrome:// URLs as source text. A remote attacker can execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Information disclosure

EUVDB-ID: #VU62758

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-29916

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to browsers behaves differently when loading CSS from known resources involving CSS variables. A remote attacker can monitor browser behavior to guess which websites were previously visited and are stored in browser history.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Information disclosure

EUVDB-ID: #VU63872

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31736

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an error when processing HTTP requests. A malicious website can obtain the size of a cross-origin resource that supported Range requests.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Exposure of Resource to Wrong Sphere

EUVDB-ID: #VU65794

Risk: Low

CVSSv3.1: 2.5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-36314

CWE-ID: CWE-668 - Exposure of resource to wrong sphere

Exploit availability: No

Description

The vulnerability allows an attacker to initiate unintended actions.

The vulnerability exists due to an error when opening .lnk shortcuts on the system. If the shortcut contains a link to an external resource the browser can initiate network requests from the operating system.

The vulnerability affects Windows installations only.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Buffer overflow

EUVDB-ID: #VU63876

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31740

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error related to register allocation problem in WASM on arm64. A remote attacker can create a specially crafted webpage, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Input validation error

EUVDB-ID: #VU63502

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1529

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insufficient validation of user-supplied input within the NotificationsDB module. A remote attacker can trick the victim to visit a specially crafted web page, which passes malicious messages to the parent process where the contents is used to double-index into a JavaScript object. As a result, an attacker can perform prototype pollution and execute arbitrary JavaScript code in the privileged parent process.

Successful exploitation of the vulnerability may allow an attacker to compromise the affected system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free

EUVDB-ID: #VU64751

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34470

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in nsSHistory when handling XML documents. A remote attacker can trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Security features bypass

EUVDB-ID: #VU62760

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-29912

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to requests initiated through reader mode did not properly omit cookies with a SameSite attribute. A remote attacker can intercept cookies with SameSite attribute set.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU66720

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-38473

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to incorrectly imposed security restrictions on a cross-origin iframe referencing an XSLT document. A remote attacker can trick the victim to visit a specially crafted website and inherit the parent domain's permissions to access microphone or camera.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Insufficient UI warning of dangerous operations

EUVDB-ID: #VU62756

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-29914

CWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error when reusing existing popups. A remote attacker can trick the victim to visit a specially crated website and abuse the popups to cover the fullscreen notification UI, which can allow browser spoofing attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use-after-free

EUVDB-ID: #VU66725

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-38476

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a data race within the in the PK11_ChangePW function. A remote attacker can trigger a use-after-free error and crash the browser.


Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Buffer overflow

EUVDB-ID: #VU66723

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-38477

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Security features bypass

EUVDB-ID: #VU62759

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-29911

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to improper protection for the top-level navigation for an iframe sandbox with a policy relaxed through a keyword like allow-top-navigation-by-user-activation. A remote attacker can abuse this to bypass implemented sandboxing restrictions of loaded iframes.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Improper Restriction of Rendered UI Layers or Frames

EUVDB-ID: #VU64750

Risk: Medium

CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34479

CWE-ID: CWE-1021 - Improper Restriction of Rendered UI Layers or Frames

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to improper handling of resizing event for a popup window. A remote attacker can create a specially crafted website that can create a resized popup to overlay the address bar with its own content and perform spoofing attack.

Note, the vulnerability affects Linux installations only.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Buffer overflow

EUVDB-ID: #VU62763

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-29917

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Path traversal

EUVDB-ID: #VU63875

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31739

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when saving downloaded files on Windows. A remote attacker can use the "%" character in filename to store data outside the intended directory using Windows environment variables, such as %HOMEPATH% or %APPDATA%.

The vulnerability affects Windows installations only.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Integer overflow

EUVDB-ID: #VU64756

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34481

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the nsTArray_Impl::ReplaceElementsAt() function. A remote attacker can trick the victim to visit a specially crafted website, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Buffer overflow

EUVDB-ID: #VU66724

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-38478

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Improper Authorization in Handler for Custom URL Scheme

EUVDB-ID: #VU64761

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34478

CWE-ID: CWE-939 - Improper Authorization in Handler for Custom URL Scheme

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insecure usage of URI handlers that allow usage of ms-msdt, search, and search-ms protocols. A remote attacker can trick the victim to click on a specially crafted link and execute arbitrary code on the system, if the victim accepts the browser prompt.

The vulnerability affects Firefox on Windows.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Spoofing attack

EUVDB-ID: #VU63874

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31738

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to an error when exiting fullscreen mode. A remote attacker can use an iframe to confused the browser about the current state of fullscreen and perform spoofing attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Buffer overflow

EUVDB-ID: #VU63879

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31747

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Application Performance Management (APM): before 8.1.4.0.16

External links

http://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-of-mozilla-firefox-less-than-firefox-102-2esr-have-affected-synthetic-playback-agent-8-1-4-0-8-1-4-if16-2022-4-0/
http://www.ibm.com/support/pages/node/6839439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###