Multiple vulnerabilities in IBM Robotic Process Automation for Cloud Pak



Risk High
Patch available YES
Number of vulnerabilities 7
CVE-ID CVE-2022-0536
CVE-2022-0613
CVE-2022-23491
CVE-2022-24723
CVE-2022-41064
CVE-2022-41854
CVE-2022-42919
CWE-ID CWE-200
CWE-639
CWE-345
CWE-20
CWE-787
CWE-502
Exploitation vector Network
Public exploit N/A
Vulnerable software
Robotic Process Automation for Cloud Pak
Other software / Other software solutions

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU61668

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0536

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote attacker can gain unauthorized access to sensitive information on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.1, 23.0.1, 21.0.7.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/6890731


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Authorization bypass through user-controlled key

EUVDB-ID: #VU66815

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0613

CWE-ID: CWE-639 - Authorization Bypass Through User-Controlled Key

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists due to missing access checks. A remote attacker can manipulate values in the request to gain unauthorized access to the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.1, 23.0.1, 21.0.7.1

CPE2.3
External links

http://www.ibm.com/support/pages/node/6890731


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Insufficient verification of data authenticity

EUVDB-ID: #VU71398

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-23491

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass certificate validation checks.

The vulnerability exists due to presence of the TrustCor certificate in the Root Certificates list. the certificate is removed due to TrustCor's ownership also operated a business that produced spyware. Therefore, any checks that rely on digital signatures of trusted certificates were compromised.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.1, 23.0.1, 21.0.7.1

CPE2.3
External links

http://www.ibm.com/support/pages/node/6890731


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Input validation error

EUVDB-ID: #VU69644

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-24723

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to modify application behavior.

The vulnerability exists due to insufficient validation of user-supplied input when handling whitespace characters  in URL. A remote attacker can pass specially crafted input to the application and modify application behavior.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.1, 23.0.1, 21.0.7.1

CPE2.3
External links

http://www.ibm.com/support/pages/node/6890731


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Information disclosure

EUVDB-ID: #VU69144

Risk: Low

CVSSv3.1: 5.1 [CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-41064

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application in .NET Framework. A remote user on the local network can gain unauthorized access to sensitive information on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.1, 23.0.1, 21.0.7.1

CPE2.3
External links

http://www.ibm.com/support/pages/node/6890731


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds write

EUVDB-ID: #VU70524

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-41854

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to a boundary error when parsing untrusted YAML files. A remote attacker can send a specially crafted YAML file, trick the victim into opening it using the affected software, trigger out-of-bounds write and perform a denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.1, 23.0.1, 21.0.7.1

CPE2.3
External links

http://www.ibm.com/support/pages/node/6890731


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Deserialization of Untrusted Data

EUVDB-ID: #VU69391

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-42919

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to Python multiprocessing library, when used with the forkserver start method on Linux allows pickles to be deserialized from any user in the same machine local network namespace, which in many system configurations means any user on the same machine.A local user can execute arbitrary code with privileges of the user running the any forkserver process.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.1, 23.0.1, 21.0.7.1

CPE2.3
External links

http://www.ibm.com/support/pages/node/6890731


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###