SB2022061803 - Multiple vulnerabilities in Red Hat AMQ Broker




Published: June 18, 2022

Security Bulletin ID: SB2022061803
Severity: Medium
Patch available: YES
Number of vulnerabilities: 7
Exploitation vector: Remote access
Highest impact: Denial of service

Breakdown by Severity

Medium 100%

Description

This security bulletin contains information about 7 security vulnerabilities.


1) Code Injection (CVE-ID: CVE-2019-10744)

The vulnerability allows a remote attacker to modify properties on the target system.

The vulnerability exists due to improper input validation in the "defaultsDeep" function. A remote attacker can send a specially crafted request and modify the prototype of "Object" via "{constructor: {prototype: {...}}}" causing the addition or modification of an existing property that will exist on all objects.
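
Added illustration (not part of the bulletin and not the affected library's code): a toy recursive defaults merge showing how the "{constructor: {prototype: {...}}}" path described above reaches Object.prototype, next to a form that skips prototype-reaching keys. The function names and the "polluted" and "retries" properties are constructed for this example.

```javascript
// Added example: a toy deep-defaults merge, not the affected library's code.
const isObj = (v) => v !== null && (typeof v === 'object' || typeof v === 'function');
const isPlain = (v) => v !== null && typeof v === 'object' && !Array.isArray(v);
// Keys through which plain property access can reach a prototype object.
const BLOCKED_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Vulnerable form: follows any key the input supplies. For the path
// constructor -> prototype, target[key] resolves to the inherited Object
// constructor and then to Object.prototype, which receives the write.
function naiveDefaultsDeep(target, source) {
  for (const key of Object.keys(source)) {
    const src = source[key];
    if (isObj(src) && isObj(target[key])) {
      naiveDefaultsDeep(target[key], src);
    } else if (target[key] === undefined) {
      target[key] = src;
    }
  }
  return target;
}

// Hardened form: skips prototype-reaching keys and only descends into
// properties the target itself owns, never into inherited ones.
function safeDefaultsDeep(target, source) {
  for (const key of Object.keys(source)) {
    if (BLOCKED_KEYS.has(key)) continue;
    const src = source[key];
    const own = Object.prototype.hasOwnProperty.call(target, key);
    if (isPlain(src)) {
      if (!own) target[key] = {};
      if (isPlain(target[key])) safeDefaultsDeep(target[key], src);
    } else if (!own) {
      target[key] = src;
    }
  }
  return target;
}

// Constructed input: the property names "polluted" and "retries" are made up.
function demo() {
  const input = JSON.parse('{"constructor":{"prototype":{"polluted":true}},"retries":3}');
  const merged = safeDefaultsDeep({}, input);
  const afterSafe = ({}).polluted;      // hardened merge: nothing inherited
  naiveDefaultsDeep({}, input);
  const afterNaive = ({}).polluted;     // naive merge: every object inherits it
  delete Object.prototype.polluted;     // restore the shared prototype
  return { afterSafe, afterNaive, retries: merged.retries };
}
```

Calling demo() returns the value a fresh object inherits after each merge, which is the property the bulletin describes as existing "on all objects".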



2) Out-of-bounds write (CVE-ID: CVE-2020-36518)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can trigger an out-of-bounds write and cause a denial of service condition on the target system.


3) Resource exhaustion (CVE-ID: CVE-2021-4040)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because AMQ Broker does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and partially disrupt availability of the broker through a sustained attack of maliciously crafted messages.


4) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2021-43797)

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to improper validation of HTTP requests when processing control characters present at the beginning or end of the header name. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.

Successful exploitation of the vulnerability may allow an attacker to poison the HTTP cache and perform phishing attacks.


5) Security features bypass (CVE-ID: CVE-2022-22968)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists because patterns for disallowedFields on a DataBinder are case sensitive, which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path. A remote attacker can bypass implemented security restrictions by passing case sensitive data to the application.


6) Resource exhaustion (CVE-ID: CVE-2022-23913)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.


7) Security restrictions bypass (CVE-ID: CVE-2022-1833)

The vulnerability allows a remote user to escalate privileges within the application.

The vulnerability exists due to improperly imposed permissions. A low-privileged user with access to the namespace where the AMQ Operator is deployed has access to cluster-wide edit rights by checking the secrets.


Remediation

Install the update from the vendor's website.