SB2024051425 - Multiple vulnerabilities in IBM Security Guardium
Published: May 14, 2024
Description
This security bulletin contains information about 10 security vulnerabilities.
1) Input validation error (CVE-ID: CVE-2023-34054)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can send specially crafted HTTP requests to the application and perform a denial of service (DoS) attack.
2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-5870)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists because the pg_cancel_backend role signals background workers, including the logical replication launcher, autovacuum workers and the autovacuum launcher. A remote privileged user can abuse this behavior and perform a denial of service (DoS) attack.
3) Path traversal (CVE-ID: CVE-2023-34062)
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to an input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.
Successful exploitation of the vulnerability requires that Reactor Netty HTTP Server is configured to serve static resources.
4) Improper access control (CVE-ID: CVE-2023-34059)
The vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in the vmware-user-suid-wrapper. A local attacker can hijack the /dev/uinput file descriptor allowing them to simulate user inputs.
5) Improper Authorization (CVE-ID: CVE-2023-34058)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to an error when handling the SAML token signature. A remote attacker who has been granted Guest Operation Privileges in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias.
6) Out-of-bounds write (CVE-ID: CVE-2023-5367)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in IChangeDeviceProperty/RRChangeOutputProperty. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
7) Integer overflow (CVE-ID: CVE-2023-5869)
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in array modification. A remote user can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.
8) Command Injection (CVE-ID: CVE-2023-47709)
The vulnerability allows a remote privileged user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote privileged user can execute arbitrary commands on the system by sending a specially crafted request.
9) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-47712)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists because the application does not properly impose security restrictions. A local user can bypass security restrictions and escalate privileges on the system.
10) Arbitrary file upload (CVE-ID: CVE-2023-47711)
The vulnerability allows a remote privileged user to cause a denial of service.
The vulnerability exists due to insufficient validation of files during file upload. A remote privileged user can upload a malicious file to cause a denial of service.
Remediation
Install the update from the vendor's website.