Multiple vulnerabilities in IBM Robotic Process Automation



| Updated: 2024-11-04
Risk High
Patch available YES
Number of vulnerabilities 7
CVE-ID CVE-2023-4527
CVE-2023-4806
CVE-2023-4813
CVE-2023-4911
CVE-2022-48560
CVE-2024-39705
CVE-2024-5569
CWE-ID CWE-125
CWE-416
CWE-119
CWE-502
CWE-835
Exploitation vector Network
Public exploit Vulnerability #4 is being exploited in the wild.
Vulnerable software
IBM Robotic Process Automation
Server applications / Other server solutions

Robotic Process Automation for Cloud Pak
Other software / Other software solutions

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU81097

Risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4527

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the getaddrinfo() function called with the AF_UNSPEC address family. A remote attacker with control over DNS server can send a DNS response via TCP larger than 2048 bytes, trigger an out-of-bounds read and crash the application or gain access to potentially sensitive information.

Successful exploitation of the vulnerability requires that system is configured with no-aaaa mode via /etc/resolv.conf.



Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 21.0.7.18

Robotic Process Automation for Cloud Pak: before 21.0.7.18, 23.0.18, 21.0.7.18

CPE2.3 External links

http://www.ibm.com/support/pages/node/7173348


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU81447

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4806

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the getaddrinfo() function. A remote attacker can perform a denial of service (DoS) attack.


Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 21.0.7.18

Robotic Process Automation for Cloud Pak: before 21.0.7.18, 23.0.18, 21.0.7.18

CPE2.3 External links

http://www.ibm.com/support/pages/node/7173348


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU81453

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4813

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the gaih_inet() function when the getaddrinfo() function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.


Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 21.0.7.18

Robotic Process Automation for Cloud Pak: before 21.0.7.18, 23.0.18, 21.0.7.18

CPE2.3 External links

http://www.ibm.com/support/pages/node/7173348


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Buffer overflow

EUVDB-ID: #VU81437

Risk: Low

CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2023-4911

CWE-ID: CWE-119 - Memory corruption

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient validation of GLIBC_TUNABLES environment variable. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 21.0.7.18

Robotic Process Automation for Cloud Pak: before 21.0.7.18, 23.0.18, 21.0.7.18

CPE2.3 External links

http://www.ibm.com/support/pages/node/7173348


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

5) Use-after-free

EUVDB-ID: #VU82078

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-48560

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to use-after-free exists via heappushpop in heapq. A remote attacker can trigger the vulnerability to perform a denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 21.0.7.18

Robotic Process Automation for Cloud Pak: before 21.0.7.18, 23.0.18, 21.0.7.18

CPE2.3 External links

http://www.ibm.com/support/pages/node/7173348


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Deserialization of Untrusted Data

EUVDB-ID: #VU96903

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-39705

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data within the pickle module. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 21.0.7.18

Robotic Process Automation for Cloud Pak: before 21.0.7.18, 23.0.18, 21.0.7.18

CPE2.3 External links

http://www.ibm.com/support/pages/node/7173348


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Infinite loop

EUVDB-ID: #VU94792

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-5569

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop. A remote attacker can pass a specially crafted zip file to the application, consume all available system resources and cause denial of service conditions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Robotic Process Automation: before 21.0.7.18

Robotic Process Automation for Cloud Pak: before 21.0.7.18, 23.0.18, 21.0.7.18

CPE2.3 External links

http://www.ibm.com/support/pages/node/7173348


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###