Multiple vulnerabilities in IBM Cloud Pak for Business Automation
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 38 |
| CVE-ID | CVE-2024-32020 CVE-2015-3196 CVE-2016-2108 CVE-2016-2178 CVE-2016-2182 CVE-2016-6306 CVE-2017-3732 CVE-2024-32002 CVE-2024-32004 CVE-2024-32021 CVE-2015-3194 CVE-2024-32465 CVE-2024-37372 CVE-2024-22020 CVE-2024-22018 CVE-2024-36137 CVE-2024-36138 CVE-2024-27980 CVE-2015-3195 CVE-2017-9788 CVE-2010-2273 CVE-2024-7502 CVE-2024-5321 CVE-2024-25026 CVE-2023-45289 CVE-2024-24783 CVE-2023-45290 CVE-2024-24789 CVE-2018-15494 CVE-2017-7679 CVE-2024-43188 CVE-2022-33068 CVE-2024-24784 CVE-2024-24785 CVE-2024-35235 CVE-2021-32785 CVE-2016-0736 CVE-2017-3169 |
| CWE-ID | CWE-62 CWE-362 CWE-120 CWE-203 CWE-787 CWE-125 CWE-310 CWE-434 CWE-94 CWE-61 CWE-476 CWE-20 CWE-918 CWE-264 CWE-77 CWE-200 CWE-79 CWE-121 CWE-276 CWE-400 CWE-388 CWE-74 CWE-603 CWE-190 CWE-134 CWE-696 CWE-592 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #8 is available. Public exploit code for vulnerability #21 is available. Public exploit code for vulnerability #30 is available. Public exploit code for vulnerability #35 is available. Public exploit code for vulnerability #37 is available. Public exploit code for vulnerability #38 is available. |
| Vulnerable software |
IBM Cloud Pak for Business Automation Server applications / Other server solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 38 vulnerabilities.
1) UNIX Hard Link
EUVDB-ID: #VU91286
Risk: Medium
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-32020
CWE-ID:
CWE-62 - UNIX Hard Link
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the original repository.
The vulnerability exists due to insecure hardlink following when working with local clones. Local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a different user, then those hardlinked files may be rewritten at any point in time by the untrusted user.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Race condition
EUVDB-ID: #VU77556
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2015-3196
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in the ssl/s3_clnt.c in OpenSSL when used for a multi-threaded client. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system via a crafted ServerKeyExchange message.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Memory corruption
EUVDB-ID: #VU638
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-2108
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to cause memory corruption on the target system.
The weakness exists due to buffer underflow with an out-of-bounds write in i2c_ASN1_INTEGER. As ASN.1 parser (specifically, d2i_ASN1_TYPE) can misinterpret a large universal tag as a negative zero value, attacker may easily corrupt memory.
Successful exploitation of the vulnerability will allow a malicious user to trigger memory corruption on the vulnerable system.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Observable discrepancy
EUVDB-ID: #VU1589
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-2178
CWE-ID:
CWE-203 - Observable discrepancy
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform timing attack.
The vulnerability exists due to an error within the dsa_sign_setup() function in crypto/dsa/dsa_ossl.c. A local user can obtain a DSA private key via a timing side-channel attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Out-of-bounds write
EUVDB-ID: #VU1968
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-2182
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error within the BN_bn2dec() function in crypto/bn/bn_print.c in OpenSSL. A remote attacker can send specially crafted data to the server, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Denial of service
EUVDB-ID: #VU816
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-6306
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause DoS conditions on the target system.
The weakess exists due insufficient length validation of certain TLS/SSL protocol handshake messages. By causing out-of-bounds read error attackers can trigger the affected service deny.
Successful exploitation of the vulnerability will result in denial of service on the vulnerable system.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Information disclosure
EUVDB-ID: #VU5442
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-3732
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to propagating error in the x86_64 Montgomery squaring procedure. A remote attacker with access to unpatched vulnerable system that uses a shared private key with Diffie-Hellman (DH) parameters set can gain unauthorized access to sensitive private key information.
According to vendor’s advisory, this vulnerability is unlikely to be exploited in real-world attacks, as it requires significant resources and online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients.
Vulnerability exploitation against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Arbitrary file upload
EUVDB-ID: #VU89491
Risk: High
CVSSv4.0: 8.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2024-32002
CWE-ID:
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file during file upload. A remote attacker can upload a malicious file and execute it on the server.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
9) Code Injection
EUVDB-ID: #VU89490
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-32004
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a process control issue while cloning special-crafted local repositories. A remote attacker can execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) UNIX symbolic link following
EUVDB-ID: #VU91287
Risk: Medium
CVSSv4.0: 3.7 [CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-32021
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the original repository.
The vulnerability exists due to insecure symlink following issue. When cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target repository in the objects/ directory.
Mitigation
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) NULL pointer dereference
EUVDB-ID: #VU77550
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2015-3194
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in crypto/rsa/rsa_ameth.c in OpenSSL. A remote attacker can trigger denial of service conditions via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Code injection
EUVDB-ID: #VU91288
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-32465
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation when working with zip files or tarballs during cloning. A remote attacker can and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Input validation error
EUVDB-ID: #VU93883
Risk: Low
CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-37372
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass permissions model.
The vulnerability exists due to insufficient validation of UNC paths with backslashes. A remote user can bypass certain security restrictions.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Server-Side Request Forgery (SSRF)
EUVDB-ID: #VU93880
Risk: Medium
CVSSv4.0: 5.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-22020
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input when handling non-network imports in data URLs. A remote user can bypass network import restrictions and execute arbitrary code.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU93882
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-22018
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass permissions model.
The vulnerability exists due to application does not properly impose security restrictions when experimental permission model when the --allow-fs-read flag is used. A remote user can retrieve stats from files that they do not have explicit read access to.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU93881
Risk: Low
CVSSv4.0: 0.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36137
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges within the application.
The vulnerability exists due to application does not properly impose security restrictions in the experimental permission model when the --allow-fs-write flag is used. A remote user can change file ownership and permissions via fs.fchown and fs.fchmod.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Command Injection
EUVDB-ID: #VU93879
Risk: Medium
CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-36138
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to improper handling of batch files in child_process.spawn / child_process.spawnSync on Windows. An attacker can inject a malicious command line argument and achieve code execution even if the shell option is not enabled.
Note, the vulnerability exists due to incomplete fix for #VU88462 (CVE-2024-27980).
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Command Injection
EUVDB-ID: #VU88462
Risk: Medium
CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-27980
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to improper handling of batch files in child_process.spawn / child_process.spawnSync. An attacker can inject a malicious command line argument and achieve code execution even if the shell option is not enabled.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Information disclosure
EUVDB-ID: #VU77552
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2015-3195
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists in the ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL. A remote attacker can gain unauthorized access to sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Information disclosure
EUVDB-ID: #VU7517
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-9788
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information on the targeted system.
The weakness exists due to improper initialization of the value placeholder in [Proxy-]Authorization headers of type 'Digest' before or between successive key=value assignments by mod_auth_digest. A remote attacker can provide an initial key with no '=' assignment to cause the stale value of uninitialized pool memory used by the prior request to leak.
Successful exploitation of the vulnerability results in information disclosure.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Cross-site scripting
EUVDB-ID: #VU109011
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2010-2273
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: Yes
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can inject arbitrary web script or HTML via unspecified vectors, possibly related to dojo/resources/iframe_history.html, dojox/av/FLAudio.js, dojox/av/FLVideo.js, dojox/av/resources/audio.swf, dojox/av/resources/video.swf, util/buildscripts/jslib/build.js, and util/buildscripts/jslib/buildUtil.j.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
22) Stack-based buffer overflow
EUVDB-ID: #VU95785
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-7502
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote unauthenticated attacker can trick a victim to open a specially crafted DPA file, trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Incorrect default permissions
EUVDB-ID: #VU96953
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-5321
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information or alter container logs
The vulnerability exists due to incorrect default permissions in Kubernetes clusters with Windows nodes. A local user with access to the system can view and modify contents of the container logs.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Resource exhaustion
EUVDB-ID: #VU88977
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-25026
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when handling HTTP requests. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Information disclosure
EUVDB-ID: #VU87198
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-45289
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to insecure forwarding of headers and cookies to a third-party domains in net/http and net/http/cookiejar. A remote attacker can trick the application into sharing sensitive information with an attacker-controlled website.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Error Handling
EUVDB-ID: #VU87196
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-24783
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists in crypto/x509 due to improper validation of a certificate chain that contains an unknown public key. A remote attacker can pass a specially crafted certificate to the application and perform a denial of service attack.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Resource exhaustion
EUVDB-ID: #VU87197
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-45290
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists in net/http due to application does not properly control consumption of internal resources when parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile). A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Input validation error
EUVDB-ID: #VU91159
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-24789
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to manipulate data.
The vulnerability exists due to insufficient validation of user-supplied input in archive/zip when handling zip archives. A remote attacker can create a zip file with content that will vary depending on the implementation reading the file.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Improper Neutralization of Special Elements in Output Used by a Downstream Component
EUVDB-ID: #VU36773
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2018-15494
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Out-of-bounds read
EUVDB-ID: #VU7119
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2017-7679
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to out-of-bounds read within the mod_mime when constructing Content-Type response header. A remote attacker read one byte pas the end of a buffer when sending a malicious Content-Type response header.
Mitigation
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
31) Use of Client-Side Authentication
EUVDB-ID: #VU99544
Risk: Low
CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43188
CWE-ID:
CWE-603 - Use of Client-Side Authentication
Exploit availability: No
DescriptionThe vulnerability allows a privileged user to perform unauthorized activities.
The vulnerability exists due to improper client side validation. A privileged user can perform unauthorized activities due to improper client side validation.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Integer overflow
EUVDB-ID: #VU65442
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-33068
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow in hb-ot-shape-fallback.cc. A remote attacker can pass specially crafted data to the application, trigger integer overflow and crash the application.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Input validation error
EUVDB-ID: #VU87201
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-24784
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to insufficient validation of display names within the ParseAddressList function in net/mail. A remote attacker can pass specially crafted input to the application and perform a spoofing attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Cross-site scripting
EUVDB-ID: #VU87200
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-24785
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in html/template when parsing errors returned from MarshalJSON methods. A remote attacker can execute arbitrary HTML and script code in user's browser in context of vulnerable website.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) UNIX symbolic link following
EUVDB-ID: #VU92075
Risk: Low
CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2024-35235
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a symlink following issue. A local user can create a specially crafted symbolic link to a critical file on the system and make it world-writable.
Successful exploitation of this vulnerability may result in privilege escalation.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
36) Format string error
EUVDB-ID: #VU79695
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-32785
CWE-ID:
CWE-134 - Use of Externally-Controlled Format String
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a format string error as mod_auth_openidc wrongly performs argument interpolation before passing Redis requests to `hiredis. A remote attacker can supply a specially crafted input that contains format string specifiers and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Padding oracle attack
EUVDB-ID: #VU1800
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2016-0736
CWE-ID:
CWE-696 - Incorrect Behavior Order
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to an error in Apache mod_session_crypto implementation. A remote attacker with ability to intercept traffic can decipher potentially sensitive information or tamper with data.
Successful exploitation may allow an attacker to perform padding oracle attack against vulnerable web server and obtain potentially sensitive information.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
38) NULL pointer dereference
EUVDB-ID: #VU7116
Risk: Medium
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2017-3169
CWE-ID:
CWE-592 - Authentication Bypass Issues
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform denial of service attack.
The vulnerability exists due to a NULL pointer dereference error within mod_ssl module, when third-party modules call ap_hook_process_connection() function during an HTTP request to an HTTPS port. A remote attacker can send a specially crafted HTTP request and crash the affected web server.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak for Business Automation: before 21.0.3-IF037
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7174338
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
