Multiple vulnerabilities in IBM Intelligent Operations Center (IOC)



Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2018-11797
CVE-2016-2175
CWE-ID CWE-835
CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software
IBM Intelligent Operations Center
Server applications / Other server solutions

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Infinite loop

EUVDB-ID: #VU15176

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-11797

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability vulnerability allows an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a target system.

The vulnerability exists in the Apache PDFBox parser due to improper processing of PDF files when parsing the page tree. A remote attacker can trick the victim into opening a PDF file that submits malicious input to the targeted system, trigger an infinite loop condition, which could lead to an out-of-memory exception and result in a DoS condition.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Intelligent Operations Center: 5.1.0 - 5.2.3

CPE2.3 External links

http://www.ibm.com/support/pages/node/7030626


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU40255

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-2175

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local authenticated user to execute arbitrary code.

Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted PDF. <a href="http://cwe.mitre.org/data/definitions/611.html">CWE-611: Improper Restriction of XML External Entity Reference ('XXE')</a>

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Intelligent Operations Center: 5.1.0 - 5.2.3

CPE2.3 External links

http://www.ibm.com/support/pages/node/7030626


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###