Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 4 |
CVE-ID | CVE-2023-4607 CVE-2023-25492 CVE-2023-25495 CVE-2023-0683 |
CWE-ID | CWE-264 CWE-134 CWE-200 CWE-284 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
IBM Cloud Pak System Server applications / Server solutions for antivurus protection |
Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
EUVDB-ID: #VU80746
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-4607
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to improperly imposed security restrictions. A local authenticated Lenovo XClarity Controller (XCC) user can change permissions for any user through a crafted API command. MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak System: before 2.3.4.0
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/7147906
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU73738
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25492
CWE-ID:
CWE-134 - Use of Externally-Controlled Format String
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a format string error within the XCC web interface. A remote user can send a specially crafted HTTP request to the API and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak System: before 2.3.4.0
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/7147906
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU73739
Risk: Low
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-25495
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote administrator to gain access to sensitive information.
The vulnerability exists due to API exposes LDAP configuration, including the configured LDAP client password used by XCC to authenticate to an external LDAP server. A remote privileged user can gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak System: before 2.3.4.0
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/7147906
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU73737
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-0683
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions within the API. A remote user can send a specially crafted request to the API and gain unauthorized access to the application.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak System: before 2.3.4.0
CPE2.3 External linkshttp://www.ibm.com/support/pages/node/7147906
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.