IBMED469977160B1A657BFABC66C859E19AF29418CB0B9D7C386675F07BF7CD3B34Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to an attacker uploading arbitrary files and obtaining sensitive information (CVE-2023-45802, CVE-2023-31122)
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.6 High
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.8%
Summary
IBM HTTP Server (powered by Apache) used by IBM i is vulnerable to an attacker uploading arbitrary files due to improper validation (CVE-2023-45802) and obtaining sensitive information due to an out of bounds read flaw (CVE-2023-31122) as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerabilities as described in the remediation/fixes section.
Vulnerability Details
CVEID:CVE-2023-45802
**DESCRIPTION:**Apache StreamPark could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary code on the vulnerable system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253372 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-31122
**DESCRIPTION:**Apache HTTP Server could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read flaw in the mod_macro module. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/269041 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM i | 7.5 |
| IBM i | 7.4 |
| IBM i | 7.3 |
| IBM i | 7.2 |
Remediation/Fixes
The issues can be addressed by applying a PTF to IBM i. IBM i releases 7.5, 7.4, 7.3, and 7.2 will be fixed.
The IBM i 5770-DG1 PTF numbers resolve the vulnerabilities.
IBM i Release| 5770-DG1
PTF Number| PTF Download Link
—|—|—
7.5| SI85712
SI85830|
<https://www.ibm.com/support/pages/ptf/SI85712>
<https://www.ibm.com/support/pages/ptf/SI85830>
7.4| SI85713
SI85828| <https://www.ibm.com/support/pages/ptf/SI85713>
<https://www.ibm.com/support/pages/ptf/SI85828>
7.3| SI85714
SI85827| <https://www.ibm.com/support/pages/ptf/SI85714>
<https://www.ibm.com/support/pages/ptf/SI85827>
7.2| SI85833| <https://www.ibm.com/support/pages/ptf/SI85833>
Workarounds and Mitigations
None.
Affected configurations
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.6 High
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.8%