SB2024091019 - Multiple vulnerabilities in IBM Maximo Application Suite - Manage Component

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024091019

SB2024091019 - Multiple vulnerabilities in IBM Maximo Application Suite - Manage Component

Published: September 10, 2024

Security Bulletin ID SB2024091019
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Data Handling (CVE-ID: CVE-2018-20225)

The vulnerability allows a remote attacker to compromise the affected system.

The issue exists due to the way pip handles software versioning during installation with --extra-index-url option enabled, which results in the version with the highest version number to be installed, even if the user had intended to obtain a private package from a private index. A remote attacker compromise the repository and force installation of a malicious package.


2) Path traversal (CVE-ID: CVE-2019-20916)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences passed via URL to the install command within the _download_http_url() function in _internal/download.py. A remote attacker can send a specially crafted HTTP request with the Content-Disposition header that contains directory traversal characters in the filename and overwrite the /root/.ssh/authorized_keys file.


3) Information disclosure (CVE-ID: CVE-2023-43804)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to urllib does not strip the "Cookie" HTTP header during cross-origin HTTP redirects. A remote attacker can gain unauthorized access to sensitive information.


4) Input validation error (CVE-ID: CVE-2023-4807)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the POLY1305 MAC (message authentication code) implementation. A remote attacker can send specially crafted input to the application and corrupt MM registers on Windows 64 platform, resulting in a denial of service condition.


Remediation

Install update from vendor's website.

References