SB2023042744 - Multiple vulnerabilities in IBM Cloud Pak for Watson AIOps

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023042744

SB2023042744 - Multiple vulnerabilities in IBM Cloud Pak for Watson AIOps

Published: April 27, 2023 Updated: February 11, 2025

Security Bulletin ID SB2023042744
Severity
High
Patch available
YES
Number of vulnerabilities 10
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 40% Medium 60%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 10 secuirty vulnerabilities.


1) Deserialization of Untrusted Data (CVE-ID: CVE-2020-9493)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Improper input validation (CVE-ID: CVE-2021-27568)

The vulnerability allows a remote non-authenticated attacker to read data or crash the application.

The vulnerability exists due to improper input validation within the REST Services (netplex json-smart-v1) component in PeopleSoft Enterprise PeopleTools. A remote non-authenticated attacker can exploit this vulnerability to read data or crash the application.


3) Resource exhaustion (CVE-ID: CVE-2021-37136)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in Bzip2 decompression decoder function. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


4) Improper input validation (CVE-ID: CVE-2021-37137)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Content Acquisition System (Netty) component in Oracle Commerce Guided Search. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.


5) Security restrictions bypass (CVE-ID: CVE-2020-9492)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to the way Apache Hadoop handles SPNEGO authorization headers. A remote WebHDFS client can trigger services to send server credentials to a webhdfs path for capturing the service principal.


6) Infinite loop (CVE-ID: CVE-2019-0205)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop when processing user-supplied input. A remote attacker can pass malicious input to the application and consume all available system resources or cause denial of service conditions.


7) Resource management error (CVE-ID: CVE-2018-11793)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect processing of nested data within a JSON array. A remote unauthenticated attacker can supply a specially crafted JSON array,  overflow the stack due to unbounded recursion and perform denial of service (DoS) attack,


8) Heap-based buffer overflow (CVE-ID: CVE-2015-5237)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


9) Improper Control of Dynamically-Managed Code Resources (CVE-ID: CVE-2023-29017)

The vulnerability allows a remote attacker to escape sandbox restrictions.

The vulnerability exists due to improper handling of host objects passed to "Error.prepareStackTrace" in case of unhandled async errors. A remote attacker can pass specially crafted input to the application, escape sandbox restrictions and execute arbitrary code on the host.


10) Improper access control (CVE-ID: CVE-2023-28154)

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions on cross-realm objects in ImportParserPlugin.js. A remote attacker who controls a property of an untrusted object can obtain access to the real global object.


Remediation

Install update from vendor's website.

References