Multiple vulnerabilities in Oracle Communications Cloud Native Core Automated Test Suite

1) Insufficient verification of data authenticity

EUVDB-ID: #VU71398

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-23491

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass certificate validation checks.

The vulnerability exists due to presence of the TrustCor certificate in the Root Certificates list. the certificate is removed due to TrustCor's ownership also operated a business that produced spyware. Therefore, any checks that rely on digital signatures of trusted certificates were compromised.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Communications Cloud Native Core Automated Test Suite: 22.3.1 - 22.4.0

External links

http://www.oracle.com/security-alerts/cpuapr2023.html?947628

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper input validation

EUVDB-ID: #VU75226

Risk: High

CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-37865

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to damange or delete data.

The vulnerability exists due to improper input validation within the Installation (Apache Ivy) component in Oracle Communications Cloud Native Core Automated Test Suite. A remote non-authenticated attacker can exploit this vulnerability to damange or delete data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Communications Cloud Native Core Automated Test Suite: 22.3.1 - 22.4.0

External links

http://www.oracle.com/security-alerts/cpuapr2023.html?947628

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Deserialization of Untrusted Data

EUVDB-ID: #VU70530

Risk: High

CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-45047

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data within the org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider class. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Communications Cloud Native Core Automated Test Suite: 22.3.1 - 22.4.0

External links

http://www.oracle.com/security-alerts/cpuapr2023.html?947628

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

4) Protection Mechanism Failure

EUVDB-ID: #VU68596

Risk: Medium

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-43402

CWE-ID: CWE-693 - Protection Mechanism Failure

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient implementation of security measures in the Groovy language runtime. A remote user can bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Communications Cloud Native Core Automated Test Suite: 22.3.1 - 22.4.0

External links

http://www.oracle.com/security-alerts/cpuapr2023.html?947628

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Protection Mechanism Failure

EUVDB-ID: #VU68594

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-43401

CWE-ID: CWE-693 - Protection Mechanism Failure

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient implementation of security measures in the Groovy language runtime. A remote user can bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Oracle Communications Cloud Native Core Automated Test Suite: 22.3.1 - 22.4.0

External links

http://www.oracle.com/security-alerts/cpuapr2023.html?947628

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.