Multiple vulnerabilities in IBM Cloud Pak System



Risk Medium
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2023-4607
CVE-2023-25492
CVE-2023-25495
CVE-2023-0683
CWE-ID CWE-264
CWE-134
CWE-200
CWE-284
Exploitation vector Network
Public exploit N/A
Vulnerable software
IBM Cloud Pak System
Server applications / Server solutions for antivurus protection

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU80746

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4607

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to improperly imposed security restrictions. A local authenticated Lenovo XClarity Controller (XCC) user can change permissions for any user through a crafted API command.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak System: before 2.3.4.0

CPE2.3 External links

http://www.ibm.com/support/pages/node/7147906


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Format string error

EUVDB-ID: #VU73738

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-25492

CWE-ID: CWE-134 - Use of Externally-Controlled Format String

Exploit availability: No

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a format string error within the XCC web interface. A remote user can send a specially crafted HTTP request to the API and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak System: before 2.3.4.0

CPE2.3 External links

http://www.ibm.com/support/pages/node/7147906


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU73739

Risk: Low

CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-25495

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote administrator to gain access to sensitive information.

The vulnerability exists due to API exposes LDAP configuration, including the configured LDAP client password used by XCC to authenticate to an external LDAP server. A remote privileged user can gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak System: before 2.3.4.0

CPE2.3 External links

http://www.ibm.com/support/pages/node/7147906


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper access control

EUVDB-ID: #VU73737

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0683

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions within the API. A remote user can send a specially crafted request to the API and gain unauthorized access to the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak System: before 2.3.4.0

CPE2.3 External links

http://www.ibm.com/support/pages/node/7147906


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###