Multiple vulnerabilities in IBM Knowledge Catalog for IBM Cloud Pak for Data

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Type Confusion

EUVDB-ID: #VU96744

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-6119

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a type confusion error when performing certificate name checks. A remote attacker can supply a specially crafted X.509 certificate to the server, trigger a type confusion error and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Path traversal

EUVDB-ID: #VU99566

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-49766

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to input validation error when processing UNC paths on Windows. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Resource exhaustion

EUVDB-ID: #VU99567

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-49767

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the werkzeug.formparser.MultiPartParser. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Incorrect default permissions

EUVDB-ID: #VU97712

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-23454

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the RunJar.run() method does not set permissions for temporary directory by default. A local user with access to the system can view contents of files and directories.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Deserialization of Untrusted Data

EUVDB-ID: #VU110016

Risk: Medium

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-25642

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. A remote user with an access to ZooKeeper can run arbitrary commands as YARN user by exploiting this vulnerability.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU64513

Risk: Medium

CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-33036

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to improper permission assignment, which leads to security restrictions bypass and privilege escalation.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Inefficient regular expression complexity

EUVDB-ID: #VU101895

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-52798

CWE-ID: CWE-1333 - Inefficient Regular Expression Complexity

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when processing untrusted input with a regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Security features bypass

EUVDB-ID: #VU101971

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56201

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local user to bypass sandbox restrictions.

The vulnerability exists due to improper validation of user-supplied input. A local user with the ability to control both the filename and the contents of a template can bypass sandbox restrictions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Infinite loop

EUVDB-ID: #VU102463

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-55565

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop. A remote user can consume all available system resources and cause denial of service conditions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Improper Authorization

EUVDB-ID: #VU100676

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-38827

CWE-ID: CWE-285 - Improper Authorization

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authorization.

The vulnerability exists due to presence of Locale dependent exceptions when using String.toLowerCase() and String.toUpperCase() for string comparison. A remote attacker can bypass authorization rules using specially crafted input.

Note, the vulnerability is related to #VU98795 (CVE-2024-38820).

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Improper verification of cryptographic signature

EUVDB-ID: #VU99563

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-48948

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect validation of valid signatures if the hash contains at least four leading 0 bytes and when the order of the elliptic curve's base point is smaller than the hash, because of an _truncateToN anomaly. Such behavior leads to valid signatures being rejected.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Resource exhaustion

EUVDB-ID: #VU87615

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-52428

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper validation of user requests by the PasswordBasedDecrypter (PBKDF2) component. A remote attacker can send a specially crafted request using a large JWE p2c header, trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Infinite loop

EUVDB-ID: #VU94792

Risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-5569

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop. A remote attacker can pass a specially crafted zip file to the application, consume all available system resources and cause denial of service conditions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Improper input validation

EUVDB-ID: #VU65495

Risk: High

CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2022-34169

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to compromise the affected system.

The vulnerability exists due to an integer truncation issue when processing malicious XSLT stylesheets. A remote non-authenticated attacker can pass specially crafted data to the application to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

16) Security features bypass

EUVDB-ID: #VU101972

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-56326

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local user to bypass sandbox restrictions.

The vulnerability exists in the way the Jinja sandboxed environment detects calls to str.format. A local user with the ability to control the contents of a template can bypass sandbox restrictions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Deserialization of Untrusted Data

EUVDB-ID: #VU70530

Risk: High

CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2022-45047

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data within the org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider class. A remote attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

18) Input validation error

EUVDB-ID: #VU110010

Risk: High

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-16026

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. If a request is made using ```multipart```, and the body type is a ```number```, then the specified number of non-zero memory is passed in the body. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Inefficient regular expression complexity

EUVDB-ID: #VU98132

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45296

CWE-ID: CWE-1333 - Inefficient Regular Expression Complexity

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when processing untrusted input with a regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Inadequate Encryption Strength

EUVDB-ID: #VU95799

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-41909

CWE-ID: CWE-326 - Inadequate Encryption Strength

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to incorrect implementation of the SSH Binary Packet Protocol (BPP), which mishandles the handshake phase and the use of sequence numbers. A remote attacker can perform MitM attack and delete the SSH2_MSG_EXT_INFO message sent before authentication starts, allowing the attacker to disable a subset of the keystroke timing obfuscation features and perform "Terrapin attack".

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Inadequate encryption strength

EUVDB-ID: #VU84537

Risk: Low

CVSSv4.0: 2.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2023-48795

CWE-ID: CWE-326 - Inadequate Encryption Strength

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to incorrect implementation of the SSH Binary Packet Protocol (BPP), which mishandles the handshake phase and the use of sequence numbers. A remote attacker can perform MitM attack and delete the SSH2_MSG_EXT_INFO message sent before authentication starts, allowing the attacker to disable a subset of the keystroke timing obfuscation features introduced in OpenSSH 9.5.

The vulnerability was dubbed "Terrapin attack" and it affects both client and server implementations.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

22) UNIX symbolic link following

EUVDB-ID: #VU81427

Risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-35887

CWE-ID: CWE-61 - UNIX Symbolic Link (Symlink) Following

Exploit availability: No

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to insecure symlink following that lead to files outside the RootedFileSystem. A remote user can identify presence of files on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Input validation error

EUVDB-ID: #VU96018

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-38809

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when parsing ETags from "If-Match" or "If-None-Match" request headers. A remote attacker can send a specially crafted HTTP request to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Insufficient verification of data authenticity

EUVDB-ID: #VU70441

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-37533

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows an attacker to redirect victim to a malicious host.

The vulnerability exists due to the application trusts the host from PASV response by default. A remote attacker can trick the victim into connecting to an attacker controlled FTP server and then redirect the application to another host.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Input validation error

EUVDB-ID: #VU98760

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-47764

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient validation of user-supplied cookies. A remote attacker can pass a specially crafted cookie to the application and alter values passed to the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Infinite loop

EUVDB-ID: #VU89220

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-30172

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in the Ed25519 verification code. A remote attacker can pass a specially signature and public key to the application, consume all available system resources and cause denial of service conditions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Resource exhaustion

EUVDB-ID: #VU89218

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-29857

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to library does not properly control consumption of internal resources when importing an EC certificate with specially crafted F2m parameters. A remote attacker can pass a specially crafted certificate to the application to trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Observable discrepancy

EUVDB-ID: #VU89219

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-30171

CWE-ID: CWE-203 - Observable discrepancy

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a possible timing based leakage in RSA based handshakes. A remote attacker can gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Incorrect Regular Expression

EUVDB-ID: #VU100921

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-21538

CWE-ID: CWE-185 - Incorrect Regular Expression

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when processing regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Resource exhaustion

EUVDB-ID: #VU110013

Risk: High

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-16138

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when mime lookup is performed on untrusted user input. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Knowledge Catalog in Cloud Pak for Data: 4.8.6 - 5.1

CPE2.3

External links