SB2022062804 - Multiple vulnerabilities in IBM Cloud Transformation Advisor
Published: June 28, 2022 Updated: August 22, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 12 secuirty vulnerabilities.
1) Infinite loop (CVE-ID: CVE-2022-0778)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the BN_mod_sqrt() function when processing an ASN.1 certificate that contains elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. A remote attacker can supply a specially crafted certificate to the TLS server or client, consume all available system resources and cause denial of service conditions.
2) Incorrect Regular Expression (CVE-ID: CVE-2022-30126)
The vulnerability allows a remote attacker to perform DoS attack.
The vulnerability exists due to improper validation in the StandardsText class. A remote attacker can pass specially crafted file to the application and perform a denial of service (DoS) attack.
3) Improper input validation (CVE-ID: CVE-2022-21299)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The vulnerability exists due to improper input validation within the JAXP component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.
4) Improper input validation (CVE-ID: CVE-2020-29582)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Signaling (Calico) component in Oracle Communications Cloud Native Core Network Slice Selection Function. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.
5) Out-of-bounds write (CVE-ID: CVE-2020-36518)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when processing untrusted input. A remote attacker can trigger out-of-bounds write and cause a denial of service condition on the target system.
6) Improper input validation (CVE-ID: CVE-2021-35561)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The vulnerability exists due to improper input validation within the Utility component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.
7) Resource exhaustion (CVE-ID: CVE-2022-25169)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in BPG parser. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
8) Improper input validation (CVE-ID: CVE-2022-21496)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the JNDI component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
9) Improper input validation (CVE-ID: CVE-2022-21434)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.
10) Improper input validation (CVE-ID: CVE-2022-21443)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.
11) Incorrect default permissions (CVE-ID: CVE-2020-8908)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to incorrect default permissions for files located in the temporary directory set by the Guava com.google.common.io.Files.createTempDir(). A local user with access to the system can view contents of files and directories or modify them.
12) Prototype pollution (CVE-ID: CVE-2021-43138)
The vulnerability allows a remote attacker to escalate privileges within the application.
The vulnerability exists due to improper input validation when handling data passed via the mapValues() method. A remote attacker can send a specially crafted request and escalate privileges within the application.
Remediation
Install update from vendor's website.
References
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-transformation-advisor-is-vulnerable-to-multiple-vulnerabilities-3/"
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cloud-transformation-advisor-is-vulnerable-to-multiple-vulnerabilities-3/</a><br><a
- https://www.ibm.com/support/pages/node/6598765"
- https://www.ibm.com/support/pages/node/6598765</a><br><br><br></p>