Multiple vulnerabilities in IBM Robotic Process Automation for Cloud Pak



Risk High
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2024-21626
CVE-2024-24557
CVE-2024-24786
CWE-ID CWE-254
CWE-345
CWE-835
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Robotic Process Automation for Cloud Pak
Other software / Other software solutions

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Security features bypass

EUVDB-ID: #VU85991

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C]

CVE-ID: CVE-2024-21626

CWE-ID: CWE-254 - Security Features

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to an internal file descriptor leak that can cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace or a malicious image to allow a container process to gain access to the host filesystem through runc run. A remote attacker can trick the victim into loading a malicious image to bypass sandbox restrictions and execute arbitrary code on the host OS.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.19, 23.0.19, 21.0.7.19

CPE2.3 External links

http://www.ibm.com/support/pages/node/7177585


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.

2) Insufficient verification of data authenticity

EUVDB-ID: #VU86049

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-24557

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to insufficient verification of data authenticity. A remote attacker can poison victim´s cache by making them pull a specially crafted image that would be considered as a valid cache candidate for some build steps.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.19, 23.0.19, 21.0.7.19

CPE2.3
External links

http://www.ibm.com/support/pages/node/7177585


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Infinite loop

EUVDB-ID: #VU87326

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-24786

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop when parsing data in an invalid JSON format within the protojson.Unmarshal() function. A remote attacker can consume all available system resources and cause denial of service conditions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.19, 23.0.19, 21.0.7.19

CPE2.3
External links

http://www.ibm.com/support/pages/node/7177585


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###