SB2023051161 - RSA Authentication Manager update for third-party components
Published: May 11, 2023 Updated: May 17, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 14 secuirty vulnerabilities.
1) Improper input validation (CVE-ID: CVE-2023-21996)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Web Services component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.
2) Improper input validation (CVE-ID: CVE-2023-21960)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.
3) Improper input validation (CVE-ID: CVE-2023-21956)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Web Container component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.
4) Improper input validation (CVE-ID: CVE-2023-21979)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
5) Improper input validation (CVE-ID: CVE-2023-21964)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.
6) Improper input validation (CVE-ID: CVE-2023-21931)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Core component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
7) Information Exposure Through Timing Discrepancy (CVE-ID: CVE-2022-4304)
The vulnerability allows a remote attacker to obtain sensitive information.
The vulnerability exists due to a timing based side channel exists in the OpenSSL RSA Decryption implementation. A remote attacker can perform a Bleichenbacher style attack and decrypt data sent over the network.
To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
8) Infinite loop (CVE-ID: CVE-2023-1390)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop in tipc_link_xmit() within the Linux kernel TIPC kernel module when parsing UDp packets. A remote attacker can send two small UDP packets to a system with a UDP bearer and consume all available CPU resources.
9) Use-after-free (CVE-ID: CVE-2023-0215)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the BIO_new_NDEF function. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.
10) Type Confusion (CVE-ID: CVE-2023-0286)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a type confusion error related to X.400 address processing inside an X.509 GeneralName. A remote attacker can pass specially crafted data to the application, trigger a type confusion error and perform a denial of service (DoS) attack or read memory contents.
In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.
11) Double Free (CVE-ID: CVE-2022-4450)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the PEM_read_bio_ex() function. A remote attacker can pass specially crafted PEM file to the application, trigger a double free error and perform a denial of service (DoS) attack.
12) Allocation of Resources Without Limits or Throttling (CVE-ID: CVE-2023-23916)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect implementation of the "chained" HTTP compression algorithms, where the number of links in the decompression chain was limited for each header instead of the entire request. A remote attacker can send a specially crafted compressed HTTP request with numerous headers and perform a denial of service (DoS) attack.
13) Heap-based buffer overflow (CVE-ID: CVE-2022-48303)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the from_header() function in list.c when handling V7 archives. A remote attacker can trick the victim to open a specially crafted V7 archive, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
14) Out-of-bounds write (CVE-ID: CVE-2023-0767)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing PKCS 12 Safe Bag attributes. A remote attacker can create a specially crafted PKCS 12 cert bundle, trick the victim into loading it, trigger an out-of-bounds write and execute arbitrary code on the target system.
Remediation
Install update from vendor's website.