SB2023022232 - Multiple vulnerabilities in IBM FlashSystem models 840 and 900 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023022232

SB2023022232 - Multiple vulnerabilities in IBM FlashSystem models 840 and 900

Published: February 22, 2023

Security Bulletin ID SB2023022232
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 40% Medium 60%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Resource exhaustion (CVE-ID: CVE-2016-3092)

The vulnerability allows a remote attacker to cause denial of service conditions on the target system.

The vulnerability exists due to input validation error when processing very long boundary strings within the MultipartStream class in Apache Commons Fileupload. A remote user can cause denial of service conditions by sending specially crafted boundary string and consume excessive CPU resources.

Successful exploitation of this vulnerability may result in denial of service attack.


2) Environment variable injection in TYPO3 (CVE-ID: CVE-2016-5385)

The vulnerability allows a remote attacker to redirect an application's outbound HTTP traffic.

The vulnerability exists in TYPO3 CMS. A remote attacker can redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request.

Successful exploitation of this vulnerability may result in XSS attack and data injection.

3) Httpoxy issue (CVE-ID: CVE-2016-5387)

The vulnerability allows a remote attacker to obtain potentially sensitive information and compromise vulnerable server.

The vulnerability exists due to a design error in multiple implementations of web servers. A remote unauthenticated attacker can use a specially crafted Proxy header in HTTP request to influence HTTP_PROXY environment variable and redirect application’s HTTP traffic to arbitrary proxy server.

Successful exploitation of this vulnerability may allow an attacker to gain unauthorized access to sensitive information and compromise vulnerable server.

This vulnerability is known as httppoxy.


4) Improper access control (CVE-ID: CVE-2016-5388)

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable. A remote attacker can redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.


5) Improper access control (CVE-ID: CVE-2016-5386)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.


Remediation

Install update from vendor's website.

References