SB2020030605 - Multiple vulnerabilities in IBM Spectrum Protect Plus
Published: March 6, 2020 Updated: April 3, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 6 secuirty vulnerabilities.
1) Command Injection (CVE-ID: CVE-2020-4213)
The vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists within the Administrative Console Framework service due to improper validation of a user-supplied string in the "username" parameter before using it to execute a system call. A remote attacker can send a specially crafted HTTP command and execute arbitrary command on the system.
2) Command Injection (CVE-ID: CVE-2020-4222)
The vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists within the Administrative Console Framework service due to improper validation of a user-supplied string in the "password" parameter before using it to execute a system call. A remote attacker can send a specially crafted HTTP command and execute arbitrary command on the system.
3) Command Injection (CVE-ID: CVE-2020-4212)
The vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists within the Administrative Console Framework service due to improper validation of a user-supplied string in the "hfpackage" parameter before using it to execute a system call. A remote attacker can send a specially crafted HTTP command and execute arbitrary command on the system.
4) Command Injection (CVE-ID: CVE-2020-4211)
The vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists within the Administrative Console Framework service due to improper validation of a user-supplied string in the "hostname" parameter before using it to execute a system call. A remote attacker can send a specially crafted HTTP command and execute arbitrary command on the system.
5) Command Injection (CVE-ID: CVE-2020-4210)
The vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists within the Administrative Console Framework service in the "changeAdministratorPassword" functionality due to improper validation of a user-supplied string before using it to execute a system call. A remote attacker can send a specially crafted HTTP command and execute arbitrary command on the system.
6) Information disclosure (CVE-ID: CVE-2019-4703)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the user id and password may be exposed when protecting Microsoft SQL or Microsoft Exchange. A remote attacker on the local network with intimate knowledge of the system can gain unauthorized access to sensitive information on the system.
Remediation
Install update from vendor's website.
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/175024
- https://www.ibm.com/support/pages/node/3178863
- https://www.zerodayinitiative.com/advisories/ZDI-20-270/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/175091
- https://www.zerodayinitiative.com/advisories/ZDI-20-271/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/175023
- https://www.zerodayinitiative.com/advisories/ZDI-20-272/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/175022
- https://www.zerodayinitiative.com/advisories/ZDI-20-273/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/175020
- https://www.zerodayinitiative.com/advisories/ZDI-20-274/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/172013
- https://www.ibm.com/support/pages/node/3177915