SB2024022817 - Multiple vulnerabilities in IBM Tivoli Netcool Impact

Description

This security bulletin contains information about 5 secuirty vulnerabilities.

1) Code Injection (CVE-ID: CVE-2023-27869)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to unchecked logger injection. A remote user can send a specially crafted request using the named traceFile property and execute arbitrary code on the target system.

2) Code Injection (CVE-ID: CVE-2023-27867)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation. A remote user can send a specially crafted request and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

3) Code Injection (CVE-ID: CVE-2023-27868)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to unchecked class instantiation when providing plugin classes. A remote user can send a specially crafted request using the named pluginClassName class and execute arbitrary code on the target system.

4) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2021-39002)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the use of weaker than expected cryptographic algorithms. A remote attacker can gain unauthorized access to sensitive information on the system.

5) Input validation error (CVE-ID: CVE-2020-4200)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote user can send specially crafted commands to cause a denial of service.

Remediation

Install update from vendor's website.

References

• https://www.ibm.com/support/pages/node/7086758