SB2023060126 - Multiple vulnerabilities in IBM Cloud Pak for Watson AIOps

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023060126

SB2023060126 - Multiple vulnerabilities in IBM Cloud Pak for Watson AIOps

Published: June 1, 2023

Security Bulletin ID SB2023060126
Severity
High
Patch available
YES
Number of vulnerabilities 9
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 22% Medium 56% Low 22%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 9 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2023-20863)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote user can use a specially crafted SpEL expression and perform a denial of service (DoS) attack.


2) PHP file inclusion (CVE-ID: CVE-2023-2603)

The vulnerability allows a remote attacker to include and execute arbitrary PHP files on the server.

The vulnerability exists due to incorrect input validation when including PHP files in web/ajax/modal.php. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected application, include and execute arbitrary PHP code on the system with privileges of the web server.


3) Improper access control (CVE-ID: CVE-2023-27561)

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to improper access restrictions in the libcontainer/rootfs_linux.go. A local user can gain elevated privileges on the target system.


4) Uncaught Exception (CVE-ID: CVE-2023-2251)

The vulnerability allows a remote attacker to cause a denial of service condition.

The vulnerability exists due uncaught exception in the parseDocument() and parseAllDocuments() functions. A remote unauthenticated attacker can send a specially crafted input and cause a denial of service condition.


5) Improper Preservation of Permissions (CVE-ID: CVE-2023-28642)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to improper preservation of permissions in the AppArmor and SELinux when /proc inside the container is symlinked with a specific mount configuration. A remote attacker can gain access to the target application.


6) Input validation error (CVE-ID: CVE-2023-29013)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when parsing HTTP and MIME headers. A remote attacker can cause an HTTP server to allocate large amounts of memory from a small request and perform a denial of service (DoS) attack.


7) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2022-38023)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to security features bypass in Netlogon RPC. A remote attacker can bypass the Netlogon cryptography feature for signing and sealing traffic during Netlogon authentication.


8) Improper Preservation of Permissions (CVE-ID: CVE-2023-25809)

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to the rootless "/sys/fs/cgroup" is writable when cgroupns is not unshared. A local administrator can gain the write access to user-owned cgroup hierarchy "/sys/fs/cgroup/user.slice/..." on the host.


9) Memory leak (CVE-ID: CVE-2023-2602)

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak in the error handling in the __wrap_pthread_create() function. A remote attacker can send a specially crafted request, exploit vulnerability to exhaust the process memory and cause a denial of service condition.


Remediation

Install update from vendor's website.

References