Multiple vulnerabilities in HPE Unified OSS Console
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2022-24834 CVE-2023-32002 CVE-2023-38552 |
| CWE-ID | CWE-122 CWE-264 CWE-354 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software Subscribe |
HPE Unified OSS Console (UOC) Web applications / Remote management & hosting panels |
| Vendor | Hewlett Packard Enterprise Development LP |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Heap-based buffer overflow
EUVDB-ID: #VU78506
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2022-24834
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the cjson and cmsgpack libraries. A remote attacker can trick the victim into using a specially crafted Lua script to trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsHPE Unified OSS Console (UOC): before 3.1.0
External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbmu04573en_us
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU79332
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-32002
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to improperly imposed security restrictions for the Module._load() method. A remote attacker can bypass the policy mechanism and include modules outside of the policy.json definition for a given module.
Install update from vendor's website.
Vulnerable software versionsHPE Unified OSS Console (UOC): before 3.1.0
External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbmu04573en_us
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper validation of integrity check value
EUVDB-ID: #VU82069
Risk: Medium
CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-38552
CWE-ID:
CWE-354 - Improper Validation of Integrity Check Value
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to an error in the policy feature, which checks the integrity of a resource against a trusted manifest. An application can intercept the operation and return a forged checksum to node's policy implementation, thus effectively disabling the integrity check.
MitigationInstall update from vendor's website.
Vulnerable software versionsHPE Unified OSS Console (UOC): before 3.1.0
External linkshttp://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbmu04573en_us
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
