Multiple vulnerabilities in IBM Edge Application Manager



Risk High
Patch available YES
Number of vulnerabilities 8
CVE-ID CVE-2022-24778
CVE-2022-21698
CVE-2021-3121
CVE-2021-20206
CVE-2021-32760
CVE-2020-8565
CVE-2021-30465
CVE-2021-21334
CWE-ID CWE-863
CWE-20
CWE-129
CWE-424
CWE-264
CWE-532
CWE-254
CWE-399
Exploitation vector Network
Public exploit N/A
Vulnerable software
IBM Edge Application Manager
Client/Desktop applications / Software for system administration

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 8 vulnerabilities.

1) Incorrect authorization

EUVDB-ID: #VU64699

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-24778

CWE-ID: CWE-863 - Incorrect Authorization

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists in imgcrypt library when checking the keys of an authorized user to access an encrypted image on systems where layers are not available and cannot run on the host architecture. A remote attacker can run an image without providing the previously decrypted keys and gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Edge Application Manager: 4.3 - 4.4

CPE2.3 External links

http://www.ibm.com/support/pages/node/6999559


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU61599

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-21698

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within method label cardinality. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Edge Application Manager: 4.3 - 4.4

CPE2.3 External links

http://www.ibm.com/support/pages/node/6999559


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper Validation of Array Index

EUVDB-ID: #VU52902

Risk: High

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-3121

CWE-ID: CWE-129 - Improper Validation of Array Index

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to improper validation of index array in plugin/unmarshal/unmarshal.go. A remote attacker can pass specially crafted data to the application and bypass implemented security restrictions, possibly leading to remote code execution.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Edge Application Manager: 4.3 - 4.4

CPE2.3 External links

http://www.ibm.com/support/pages/node/6999559


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper Protection of Alternate Path

EUVDB-ID: #VU55590

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-20206

CWE-ID: CWE-424 - Improper Protection of Alternate Path

Exploit availability: No

Description

The vulnerability allows a remote user to compromise the affected system.

the vulnerability exists due to improper input validation. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows a remote user to execute other existing binaries other than the cni plugins/types, such as 'reboot'.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Edge Application Manager: 4.3 - 4.4

CPE2.3 External links

http://www.ibm.com/support/pages/node/6999559


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU54999

Risk: Medium

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-32760

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to archive package allows chmod of file outside of unpack target directory. A remote attacker can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Edge Application Manager: 4.3 - 4.4

CPE2.3 External links

http://www.ibm.com/support/pages/node/6999559


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU64820

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-8565

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to authorization and bearer tokens will be written to log files if the logging level is set to at least 9. A local user can read the log files and gain access to sensitive data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Edge Application Manager: 4.3 - 4.4

CPE2.3 External links

http://www.ibm.com/support/pages/node/6999559


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Security features bypass

EUVDB-ID: #VU53399

Risk: Low

CVSSv3.1: 6.6 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-30465

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the security features bypass issue. A remote authenticated attacker on the local network can perform a symlink exchange attack and host filesystem being bind-mounted into the container.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Edge Application Manager: 4.3 - 4.4

CPE2.3 External links

http://www.ibm.com/support/pages/node/6999559


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Resource management error

EUVDB-ID: #VU51242

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-21334

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists due to incorrect management of internal resources. Containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers. If the affected containers have different security contexts, this may allow sensitive information to be unintentionally shared.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Edge Application Manager: 4.3 - 4.4

CPE2.3 External links

http://www.ibm.com/support/pages/node/6999559


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###