SB2022111848 - Multiple vulnerabilities in IBM Operations Analytics - Log Analysis
Published: November 18, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Incorrect Regular Expression (CVE-ID: CVE-2022-30126)
The vulnerability allows a remote attacker to perform DoS attack.
The vulnerability exists due to improper validation in the StandardsText class. A remote attacker can pass specially crafted file to the application and perform a denial of service (DoS) attack.
2) Incorrect Regular Expression (CVE-ID: CVE-2022-33879)
The vulnerability allows a remote attacker to perform DoS attack.
The vulnerability exists due to improper validation in the StandardsExtractingContentHandler. A remote attacker can pass specially crafted file to the application and perform a denial of service (DoS) attack.The vulnerability exists due to incomplete fixes for #VU63404 (CVE-2022-30126) and #VU63904 (CVE-2022-30973).
3) Input validation error (CVE-ID: CVE-2022-30973)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in the "StandardsText" class in the StandardsExtractingContentHandler. A remote attacker can trick a victim to open a specially crafted file and perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-operations-analytics-log-analysis-vulnerable-to-multiple-vulnerabilities-in-apache-tika-cve-2022-30126-cve-2022-33879-cve-2022-30973/"
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-operations-analytics-log-analysis-vulnerable-to-multiple-vulnerabilities-in-apache-tika-cve-2022-30126-cve-2022-33879-cve-2022-30973/</a><br>
- https://www.ibm.com/support/pages/node/6840141<br><br></p>