SB2023021764 - RSA Authentication Manager update for third-party components
Published: February 17, 2023 Updated: May 17, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 29 secuirty vulnerabilities.
1) Deserialization of untrusted data (CVE-ID: CVE-2018-7489)
The vulnerability allows a remote unauthenticated attacker to bypass security restrictions and execute arbitrary code on the target system.The weakness exists in the readValue method due to improper validation of user-input. A remote attacker can send malicious JSON input, bypass security restrictions and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
2) XML External Entity injection (CVE-ID: CVE-2023-20052)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to enabling XML entity substitution. A remote attacker can pass a specially crafted XML code to the antivirus and view bytes from any file that may be read by the ClamAV scanning process.
3) Heap-based buffer overflow (CVE-ID: CVE-2023-20032)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the HFS+ partition file parser. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
4) Input validation error (CVE-ID: CVE-2020-10693)
The vulnerability allows a remote attacker to modify files on the system.
The vulnerability exists due to insufficient validation of user-supplied input when handling user-controlled data in error messages. A remote attacker can bypass input sanitation (escaping, stripping) controls.
5) Input validation error (CVE-ID: CVE-2020-13956)
The vulnerability allows a remote attacker to compromise the affected application.
The vulnerability exists due to insufficient validation of user-supplied input in Apache HttpClient. A remote attacker can pass request URIs to the library as java.net.URI object and force the application to pick the wrong target host for request execution.
6) Improper input validation (CVE-ID: CVE-2023-21841)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
7) Improper input validation (CVE-ID: CVE-2023-21839)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
8) Code Injection (CVE-ID: CVE-2023-21838)
The vulnerability allows a remote non-authenticated attacker to compromise the affected system.
The vulnerability exists due to improper input validation within the ForeignOpaqueReference class. A remote non-authenticated attacker can perform JNDI injection and execute arbitrary Java code on the system.9) Improper input validation (CVE-ID: CVE-2023-21837)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
10) Improper input validation (CVE-ID: CVE-2023-21842)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Web Container component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
11) Improper input validation (CVE-ID: CVE-2022-40153)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Centralized Third Party Jars (XStream) component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.
12) Resource exhaustion (CVE-ID: CVE-2022-40150)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when processing untrusted XML or JSON data. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
13) Out-of-bounds write (CVE-ID: CVE-2022-42920)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input within the API. A remote attacker can create a specially crafted request to the affected application, trigger an out-of-bounds write and execute arbitrary code on the target system.
14) Use-after-free (CVE-ID: CVE-2022-43680)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.
15) Use-after-free (CVE-ID: CVE-2022-3705)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when handling files within the qf_update_buffer() function in quickfix.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
16) Data Handling (CVE-ID: CVE-2015-8985)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.
17) NULL pointer dereference (CVE-ID: CVE-2022-3621)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the nilfs2 filesystem driver within the nilfs_bmap_lookup_at_level() function in fs/nilfs2/inode.c in Linux kernel. A remote attacker can trick the victim into mounting a specially crafted image and perform a denial of service (DoS) attack.
18) Use-after-free (CVE-ID: CVE-2022-3649)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the nilfs2 filesystem driver in nilfs_new_inode() function in fs/nilfs2/inode.c in Linux kernel. A remote attacker can trick the victim into mounting a specially crafted image, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
19) Buffer overflow (CVE-ID: CVE-2022-43945)
The vulnerability allows a remote attacker to perform a denial of service attacl.
The vulnerability exists due to a boundary error within the Linux kernel NFSD implementation. A remote attacker can send the RPC message over TCP with garbage data added at the end of the message, trigger memory corruption and perform a denial of service (DoS) attack.
20) Race condition (CVE-ID: CVE-2022-3567)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the inet6_stream_ops() and inet6_dgram_ops() functions. A local user can exploit the race and escalate privileges on the system.
21) Buffer overflow (CVE-ID: CVE-2022-3628)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the brcmf_fweh_event_worker() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c. A local user can use a specially crafted device to trigger memory corruption and escalate privileges on the system.
22) Use-after-free (CVE-ID: CVE-2022-43552)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error while processing denied requests from HTTP proxies when using SMB or TELNET protocols. A remote attacker can trigger a use-after-free error and crash the application.
23) NULL pointer dereference (CVE-ID: CVE-2022-41860)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the EAP-SIM module when parsing an unknown SIM option. A remote attacker can send specially crafted data to the application and perform a denial of service (DoS) attack.
24) Information disclosure (CVE-ID: CVE-2022-41859)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the compute_password_element() function leaks information about the password. A remote attacker can substantially reduce
the size of an offline dictionary attack and brute-force passwords.
25) Input validation error (CVE-ID: CVE-2022-41861)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A malicious RADIUS client or home server can send a malformed
abinary attribute, which can cause the server to crash.
26) NULL pointer dereference (CVE-ID: CVE-2022-44792)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the handle_ipDefaultTTL() function in agent/mibgroup/ip-mib/ip_scalars.c. A remote non-authenticated attacker can send specially crafted UDP to the application and perform a denial of service (DoS) attack.
27) NULL pointer dereference (CVE-ID: CVE-2022-44793)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the handle_ipv6IpForwarding() function in agent/mibgroup/ip-mib/ip_scalars.c. A remote attacker can send specially crafted UDP packets to the application and perform a denial of service (DoS) attack.
28) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-37966)
The vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions in Windows Kerberos RC4-HMAC. A remote attacker can conduct a man-in-middle (MiTM) attack, which leads to security restrictions bypass and privilege escalation.
29) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2022-38023)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to security features bypass in Netlogon RPC. A remote attacker can bypass the Netlogon cryptography feature for signing and sealing traffic during Netlogon authentication.
Remediation
Install update from vendor's website.