SB2023062005 - Multiple vulnerabilities in IBM Copy Services Manager

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023062005

SB2023062005 - Multiple vulnerabilities in IBM Copy Services Manager

Published: June 20, 2023 Updated: October 25, 2024

Security Bulletin ID SB2023062005
CSH Severity
High
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

High 17% Medium 33% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 vulnerabilities.


1) Code Injection (CVE-ID: CVE-2021-23450)

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber


The disclosed vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can inject and execute arbitrary script code via the setObject function.


2) LDAP injection (CVE-ID: CVE-2021-39031)

CWE-ID: CWE-90 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to improper input validation when processing DLAP queries. A remote user can send a specially crafted request to modify the original LDAP query and gain unauthorized access to the application.


3) Input validation error (CVE-ID: CVE-2018-25031)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear


The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can trick the victim into opening a specially crafted URL to display remote OpenAPI definitions.


4) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2022-22310)

CWE-ID: CWE-327 - Use of a Broken or Risky Cryptographic Algorithm

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to usage of a weak cryptographic algorithms. A remote attacker can intercept and decrypt traffic.


5) Improper Restriction of Rendered UI Layers or Frames (CVE-ID: CVE-2021-46708)

CWE-ID: CWE-1021 - Improper Restriction of Rendered UI Layers or Frames

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can trick the victim into opening a specially crafted URL to hijack the victim's click actions and possibly launch further attacks against the victim.


6) Spoofing attack (CVE-ID: CVE-2021-39038)

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote attacker to perform clickjacking attack.

The vulnerability exists due to incorrect processing of user-supplied data, when REST API discovery is configured through the WebSphere administrative console Web Container settings to enable the API Discovery service, or through IBM WebSphere Application Server Liberty features mpOpenAPI-1.0, mpOpenAPI-1.1, mpOpenAPI-2.0, apiDiscovery-1.0, openapi-3.0 or openapi-3.1. A remote attacker can perform clickjacking attack.


Remediation

Install update from vendor's website.

References