SB2024062828 - Multiple vulnerabilities in IBM MQ Operator

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024062828

SB2024062828 - Multiple vulnerabilities in IBM MQ Operator

Published: June 28, 2024

Security Bulletin ID SB2024062828
Severity
Medium
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 71% Low 29%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) OS Command Injection (CVE-ID: CVE-2023-6004)

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in OpenSSH client. If an invalid user or hostname that contained shell metacharacters was passed to ssh(1), and a ProxyCommand, LocalCommand directive or "match exec" predicate referenced the user or hostname via %u, %h or similar expansion token, then an attacker who could supply arbitrary user/hostnames to ssh(1) could potentially perform command injection depending on what quoting was present in the user-supplied ssh_config(5) directive.



2) Unchecked Return Value (CVE-ID: CVE-2023-6918)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to libssh does not check for returned values of message digest (MD) operations in low memory conditions. A remote attacker can terminate the connection or force the library to use weak keys.


3) Resource exhaustion (CVE-ID: CVE-2024-22365)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in pam_namespace. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.


4) Memory leak (CVE-ID: CVE-2024-26458)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak in /krb5/src/lib/rpc/pmap_rmt.c. A remote attacker can perform a denial of service attack.


5) Insufficient verification of data authenticity (CVE-ID: CVE-2023-7008)

The vulnerability allows a remote attacker to perform a MitM attack.

The vulnerability exists due to systemd-resolved accepts records of DNSSEC-signed domains even when they have no signature. A remote attacker can perform MitM attack.


6) Resource exhaustion (CVE-ID: CVE-2024-3651)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the idna.encode() function. A remote attacker can pass an overly long domain name to the application and perform a denial of service (DoS) attack.


7) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2024-27256)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to usage of weak encryption algorithms. A remote attacker can decrypt sensitive information.


Remediation

Install update from vendor's website.

References