SB20200114132 - Multiple vulnerabilities in Tape Library ACSLS

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB20200114132

SB20200114132 - Multiple vulnerabilities in Tape Library ACSLS

Published: January 14, 2020 Updated: March 6, 2024

Security Bulletin ID SB20200114132
Severity
Critical
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Critical 20% High 40% Low 40%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Prototype pollution (CVE-ID: CVE-2019-11358)

The vulnerability allows a remote attacker to execute arbitrary JavaScript code.

The vulnerability exists due to improper input validation. A remote attacker can pass specially crafted input to the application and perform prototype pollution, which can result in information disclosure or data manipulation.


2) Improper input validation (CVE-ID: CVE-2018-15756)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists in Pivotal Software Spring Framework due to improper handling of range requests. A remote attacker can send a specially crafted request that contains an additional range header with a high number of ranges or with wide ranges that overlap and cause the service to crash.


3) Insecure deserialization (CVE-ID: CVE-2019-2725)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to insecure deserialization of untrusted data within the "wls9_async_response.war" and "wls-wsat.war" components. A remote non-authenticated attacker can send a specially crafted HTTP request to "/_async/*" and "/wls-wsat/*" URLs and execute arbitrary code on the target system.


4) Desereliazation of untrusted data (CVE-ID: CVE-2016-1000031)

The vulnerability allows a remote unauthenticated attacker to execute arbitrary code on the target system.

The weakness exists in DiskFileItem class of the FileUpload library due to deserialization of untrusted data. A remote attacker can execute arbitrary code under the context of the current process.

Successful exploitation of the vulnerability may result in system compromise.

5) Deserialization of Untrusted Data (CVE-ID: CVE-2019-2729)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data within XMLDecoder class. A remote non-authenticated attacker can pass specially crafted data to the application and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Note: this vulnerability is being actively exploited in the wild.


Remediation

Install update from vendor's website.

References