Multiple vulnerabilities in IBM Cloud Pak for Watson AIOps



Published: 2023-04-27 | Updated: 2023-05-17
Risk High
Patch available YES
Number of vulnerabilities 10
CVE-ID CVE-2022-23307
CVE-2020-9493
CVE-2021-27568
CVE-2021-37136
CVE-2021-37137
CVE-2020-9492
CVE-2019-0205
CVE-2018-11793
CVE-2015-5237
CVE-2023-29017
CVE-2023-28154
CWE-ID CWE-502
CWE-20
CWE-400
CWE-264
CWE-835
CWE-399
CWE-122
CWE-913
CWE-284
Exploitation vector Network
Public exploit Public exploit code for vulnerability #9 is available.
Vulnerable software
Subscribe 		IBM Cloud Pak for Watson AIOps
Other software / Other software solutions

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 10 vulnerabilities.

1) Deserialization of Untrusted Data

EUVDB-ID: #VU59693

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-23307,CVE-2020-9493

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak for Watson AIOps : before 3.7.1

External links

http://www.ibm.com/support/pages/node/6986577


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper input validation

EUVDB-ID: #VU55372

Risk: High

CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-27568

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read data or crash the application.

The vulnerability exists due to improper input validation within the REST Services (netplex json-smart-v1) component in PeopleSoft Enterprise PeopleTools. A remote non-authenticated attacker can exploit this vulnerability to read data or crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak for Watson AIOps : before 3.7.1

External links

http://www.ibm.com/support/pages/node/6986577


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Resource exhaustion

EUVDB-ID: #VU63127

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-37136

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in Bzip2 decompression decoder function. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak for Watson AIOps : before 3.7.1

External links

http://www.ibm.com/support/pages/node/6986577


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper input validation

EUVDB-ID: #VU59924

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-37137

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Content Acquisition System (Netty) component in Oracle Commerce Guided Search. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak for Watson AIOps : before 3.7.1

External links

http://www.ibm.com/support/pages/node/6986577


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Security restrictions bypass

EUVDB-ID: #VU50000

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-9492

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to the way Apache Hadoop handles SPNEGO authorization headers. A remote WebHDFS client can trigger services to send server credentials to a webhdfs path for capturing the service principal.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak for Watson AIOps : before 3.7.1

External links

http://www.ibm.com/support/pages/node/6986577


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Infinite loop

EUVDB-ID: #VU22565

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-0205

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop when processing user-supplied input. A remote attacker can pass malicious input to the application and consume all available system resources or cause denial of service conditions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak for Watson AIOps : before 3.7.1

External links

http://www.ibm.com/support/pages/node/6986577


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Resource management error

EUVDB-ID: #VU17911

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-11793

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect processing of nested data within a JSON array. A remote unauthenticated attacker can supply a specially crafted JSON array,  overflow the stack due to unbounded recursion and perform denial of service (DoS) attack,

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak for Watson AIOps : before 3.7.1

External links

http://www.ibm.com/support/pages/node/6986577


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Heap-based buffer overflow

EUVDB-ID: #VU70097

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-5237

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak for Watson AIOps : before 3.7.1

External links

http://www.ibm.com/support/pages/node/6986577


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Improper Control of Dynamically-Managed Code Resources

EUVDB-ID: #VU74606

Risk: High

CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2023-29017

CWE-ID: CWE-913 - Improper Control of Dynamically-Managed Code Resources

Exploit availability: No

Description

The vulnerability allows a remote attacker to escape sandbox restrictions.

The vulnerability exists due to improper handling of host objects passed to "Error.prepareStackTrace" in case of unhandled async errors. A remote attacker can pass specially crafted input to the application, escape sandbox restrictions and execute arbitrary code on the host.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak for Watson AIOps : before 3.7.1

External links

http://www.ibm.com/support/pages/node/6986577


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

10) Improper access control

EUVDB-ID: #VU74478

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-28154

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions on cross-realm objects in ImportParserPlugin.js. A remote attacker who controls a property of an untrusted object can obtain access to the real global object.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak for Watson AIOps : before 3.7.1

External links

http://www.ibm.com/support/pages/node/6986577


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###