Multiple vulnerabilities in IBM Storage Copy Data Management
| Risk | Critical |
| Patch available | YES |
| Number of vulnerabilities | 27 |
| CVE-ID | CVE-2016-0706 CVE-2024-52317 CVE-2024-52316 CVE-2016-6816 CVE-2016-6794 CVE-2017-12617 CVE-2016-8745 CVE-2015-5346 CVE-2020-1935 CVE-2015-5345 CVE-2016-0714 CVE-2016-0762 CVE-2017-5647 CVE-2015-5174 CVE-2018-8014 CVE-2017-7674 CVE-2016-5388 CVE-2016-6797 CVE-2017-5664 CVE-2016-0763 CVE-2021-24122 CVE-2017-5648 CVE-2016-3092 CVE-2025-24813 CVE-2024-38286 CVE-2024-50379 CVE-2024-56337 |
| CWE-ID | CWE-200 CWE-399 CWE-287 CWE-20 CWE-284 CWE-384 CWE-444 CWE-94 CWE-22 CWE-264 CWE-400 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #4 is available. Vulnerability #6 is being exploited in the wild. Vulnerability #24 is being exploited in the wild. Public exploit code for vulnerability #26 is available. |
| Vulnerable software |
Storage Copy Data Management Other software / Other software solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 27 vulnerabilities.
1) Security Manager bypass
EUVDB-ID: #VU263
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-0706
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
A local attacker, who controls web application, can use StatusManagerServlet, when a security manager was configured, to obtain potentially sensitive information, which belongs to other users. The attacker will be able to obtain a list of all deployed applications and a list of the HTTP request lines for all requests currently being processed. This could have exposed sensitive information from other web applications, such as session IDs, to the web application.
Successful exploitation of the vulnerability may allow a local attacker to gain access to potentially sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Resource management error
EUVDB-ID: #VU100587
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2024-52317
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to improper management of internal resources when handling HTTP/2 responses, which causes request and/or response mix-up between users. A remote non-authenticated attacker can send a series of HTTP/2 requests and gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Improper Authentication
EUVDB-ID: #VU100588
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-52316
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error when processing authentication requests. If Tomcat was configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not have failed, allowing the user to bypass the authentication process.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper input validation
EUVDB-ID: #VU1184
Risk: Low
CVSSv4.0: 2.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2016-6816
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: Yes
Description
The vulnerability allows a remote attacker to manipulate HTTP responses.
The vulnerability exists due to incorrect parsing of HTTP requests. A remote attacker can send a specially crafted HTTP request containing specially crafted characters and perform XSS attacks, manipulate HTTP responses or obtain potentially sensitive data, belonging to other sessions.
Successful exploitation of the vulnerability may allow an attacker to gain access to potentially sensitive information, but requires presence of a proxy server, which does not block injected characters.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
5) Information disclosure
EUVDB-ID: #VU1090
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-6794
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows an application to obtain potentially sensitive information on the target system.
The weakness is due to insufficient accesss control. By invoking the system property replacement feature, a malicious application can bypass a configured SecurityManager and read potentially sensitive system properties.
Successful exploitation of the vulnerability results in disclosure of important data on the vulnerable system.
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper input validation
EUVDB-ID: #VU8669
Risk: High
CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]
CVE-ID: CVE-2017-12617
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to insufficient validation of user-supplied input when running with HTTP PUTs enabled. A remote attacker can send a specially crafted request to upload a JSP file to the server and execute arbitrary code on the system.
Successful exploitation of the vulnerability may result in full system compromise.
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
7) Information disclosure
EUVDB-ID: #VU5449
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-8745
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists to error within the send file code for the NIO HTTP connector, which causes current Processor object being added to the Processor cache multiple times. This behavior means that sharing the same Processor for concurrent requests can lead to leakage of potentially sensitive information between requests, such as session ID, request body, etc.
Successful exploitation of the vulnerability may allow an attacker to obtain potentially sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Session Fixation
EUVDB-ID: #VU87535
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2015-5346
CWE-ID:
CWE-384 - Session Fixation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise accounts of other users.
The vulnerability exists due to an insecure way of handling sessions. A remote attacker can leverage the requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java and hijack web sessions of web application users.
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Inconsistent interpretation of HTTP requests
EUVDB-ID: #VU25807
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-1935
CWE-ID:
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform HTTP request smuggling attack.
The vulnerability exists due to the HTTP header parsing code uses an approach to end-of-line parsing that allows some invalid HTTP headers to be parsed as valid. A remote attacker can send a specially crafted HTTP request and perform HTTP request smuggling attack. MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Directory disclosure
EUVDB-ID: #VU262
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2015-5345
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
When accessing a directory protected by a security constraint with a URL that did not end in a slash, Tomcat would redirect to the URL with the trailing slash thereby confirming the presence of the directory before processing the security constraint. It was therefore possible for a user to determine if a directory existed or not, even if the user was not permitted to view the directory.
Successful exploitation of the vulnerability may allow a remote attacker to confirm existence of directories on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Privilege escalation
EUVDB-ID: #VU264
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-0714
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass security manager restriction.
A local attacker, who controls web application, can abuse functionality of StandardManager and PersistentManager to gain control over sessions persistence, stored in files, in database or in custom Sore. Since session persistence is performed by Tomcat code with the permissions assigned to Tomcat internal code, the attacker can place specially crafted object into a session and execute arbitrary code on vulnerable system with elevated privileges.
Successful exploitation of the vulnerability may allow a local attacker to gain elevated privileges on the system.
Mitigation
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Improper input validation
EUVDB-ID: #VU55165
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-0762
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Provisioning (Apache Tomcat) component in Oracle Communications Diameter Signaling Router (DSR). A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Information disclosure
EUVDB-ID: #VU6674
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-5647
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists in the handling of the pipelined requests when send file was used resulted in the pipelined request being lost when send file processing of the previous request completed. A remote attacker can cause responses to appear to be sent for the wrong request.
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Limited directory traversal
EUVDB-ID: #VU261
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2015-5174
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to incorrect validation of paths in getResource(), getResourceAsStream() and getResourcePaths() methods within ServletContext. A local attacker can bypass security manager restrictions using directory traversal sequences and view directory listing outside the $CATALINA_BASE/webapps folder.
Successful exploitation of the vulnerability may allow a local attacker to obtain names of files and folder on vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Information disclosure
EUVDB-ID: #VU12798
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-8014
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionsupportsCredentials for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration. A remote attacker can access important data.Mitigation
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Improper input validation
EUVDB-ID: #VU8697
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-7674
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to conduct client and server side cache poisoning.
The weakness exists due to the failure to add an HTTP Vary header indicating that the response varies depending on Origin by the CORS Filter. A remote attacker can trick the victim to follow a specially crafted link and conduct client and server side cache poisoning.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Improper access control
EUVDB-ID: #VU64586
Risk: Medium
CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2016-5388
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable. A remote attacker can redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Information disclosure
EUVDB-ID: #VU1091
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-6797
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows an application to gain access to global resources on the target system.
The weakness exists due to a flaw in the ResourceLinkFactory that allows a web application to obtain global JNDI resources.
Successful exploitation of the vulnerability results in application's access to global JNDI resources on the vulnerable system.
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Security bypass
EUVDB-ID: #VU6950
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-5664
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to improper handling of certain HTTP request methods for static error pages in Default Servlet. A remote attacker can bypass HTTP method restrictions and cause the error page to be deleted or replaced.
Successful exploitation of the vulnerability results in information modification.
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU87534
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2016-0763
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to missing authorization within the setGlobalContext() method in org/apache/naming/factory/ResourceLinkFactory.java. A remote user can bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Information disclosure
EUVDB-ID: #VU49570
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-24122
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to JSP source code disclosure in some configurations, when serving resources from a network location using the NTFS file system. The root cause was the unexpected behaviour of the JRE API
File.getCanonicalPath() which in turn was caused by the inconsistent
behaviour of the Windows API (FindFirstFileW) in some circumstances.A remote attacker can send a specially crafted request to the application and view the JSP source code.
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Security restrictions bypass
EUVDB-ID: #VU6675
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-5648
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to the failure to use the appropriate facade object by certain application listener calls. A remote attacker can access and modify arbitrary data.
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Resource exhaustion
EUVDB-ID: #VU197
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2016-3092
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause denial of service conditions on the target system.
The vulnerability exists due to input validation error when processing very long boundary strings within the MultipartStream class in Apache Commons Fileupload. A remote user can cause denial of service conditions by sending specially crafted boundary string and consume excessive CPU resources.
Successful exploitation of this vulnerability may result in denial of service attack.
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Input validation error
EUVDB-ID: #VU105485
Risk: Critical
CVSSv4.0: 9.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]
CVE-ID: CVE-2025-24813
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input when handling file uploads via HTTP PUT requests. A remote attacker can send a specially crafted HTTP PUT request to the server and gain access to sensitive information or even execute arbitrary code.
If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- a target URL for security sensitive uploads that is a sub-directory of a target URL for public uploads
- attacker knowledge of the names of security sensitive files being uploaded
- the security sensitive files also being uploaded via partial PUT
If all of the following were true, a malicious user was able to perform remote code execution:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- application was using Tomcat's file based session persistence with the default storage location
- application included a library that may be leveraged in a deserialization attack
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
25) Resource exhaustion
EUVDB-ID: #VU97652
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-38286
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources during the TLS handshake process. A remote attacker can initiate multiple TLS connections, trigger memory exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU101814
Risk: Medium
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2024-50379
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to missing access restrictions to the default servlet. If the default servlet is write enabled (readonly initialisation parameter set to the non-default value of false) for a case insensitive file system, concurrent read and upload under load of the same file can bypass Tomcat's case sensitivity checks and cause an uploaded file to be treated as a JSP leading to remote code execution.
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
27) Permissions, privileges, and access controls
EUVDB-ID: #VU101893
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-56337
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The mitigation bypass depends on the version of Java used on the system.
Install update from vendor's website.
Vulnerable software versionsStorage Copy Data Management: before 2.2.26.0
CPE2.3 External linkshttps://www.ibm.com/support/pages/node/7232416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
