Multiple vulnerabilities in IBM ILOG CPLEX Optimization Studio (COS)
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2022-42915 CVE-2022-42916 CVE-2022-32221 |
| CWE-ID | CWE-415 CWE-319 CWE-440 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
IBM ILOG CPLEX Optimization Studio (COS) Server applications / Other server solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Double Free
EUVDB-ID: #VU68748
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42915
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing non-200 proxy HTTP responses for the following schemes: dict, gopher, gophers, ldap, ldaps, rtmp, rtmps, telnet. A remote attacker can trigger a double free error by forcing the application into connecting to resources that are not allowed by the configured proxy.
Mitigation
Install update from vendor's website.
Vulnerable software versionsIBM ILOG CPLEX Optimization Studio (COS): before 22.1
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-the-community-edition-of-ibm-ilog-cplex-optimization-studio-is-affected-by-multiple-vulnerabilities-in-libcurl-cve-2022-42915-cve-2022-42916-cve-2022-32221/
http://www.ibm.com/support/pages/node/6840059
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Cleartext transmission of sensitive information
EUVDB-ID: #VU68749
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-42916
CWE-ID:
CWE-319 - Cleartext Transmission of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to an error when parsing URL with IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. A remote attacker can bypass curl's HSTS check and trick it into using unencrypted HTTP protocol.
Install update from vendor's website.
Vulnerable software versionsIBM ILOG CPLEX Optimization Studio (COS): before 22.1
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-the-community-edition-of-ibm-ilog-cplex-optimization-studio-is-affected-by-multiple-vulnerabilities-in-libcurl-cve-2022-42915-cve-2022-42916-cve-2022-32221/
http://www.ibm.com/support/pages/node/6840059
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Expected behavior violation
EUVDB-ID: #VU68746
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32221
CWE-ID:
CWE-440 - Expected Behavior Violation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to force unexpected application behavior.
The vulnerability exists due to a logic error for a reused handle when processing subsequent HTTP PUT and POST requests. The libcurl can erroneously use the read callback (CURLOPT_READFUNCTION) to ask for data to send, even when the CURLOPT_POSTFIELDS option has been set, if the same handle previously was used to issue a PUT request, which used that callback. As a result, such behavior can influence application flow and force unpredictable outcome.
Install update from vendor's website.
Vulnerable software versionsIBM ILOG CPLEX Optimization Studio (COS): before 22.1
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-the-community-edition-of-ibm-ilog-cplex-optimization-studio-is-affected-by-multiple-vulnerabilities-in-libcurl-cve-2022-42915-cve-2022-42916-cve-2022-32221/
http://www.ibm.com/support/pages/node/6840059
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
