Lucene search

IBM28892108D4631E769FE243BBF196DDEB75F785A91B83850582B21A5ED792C3A5

HistoryAug 05, 2024 - 10:07 p.m.

Security Bulletin: IBM Storage Ceph is vulnerable to Command Injection in the RHEL UBI (CVE-2023-50447)

2024-08-0522:07:20

www.ibm.com

ibm storage ceph

command injection

rhel ubi

cve-2023-50447

pillow

remote attacker

arbitrary code

download

upgrade

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

JSON

Summary

RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-50447.

Vulnerability Details

CVEID:CVE-2023-50447
**DESCRIPTION:**Pillow could allow a remote attacker to execute arbitrary code on the system, caused by improper neutralization of user supplied-input by the PIL.ImageMath.eval function. By sending a specially crafted request using keys that leverage the environment parameter, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/280022 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Storage Ceph	7.0-7.0z1
IBM Storage Ceph	6.0, 6.1-6.1z4
IBM Storage Ceph	5.3z1-z6

Remediation/Fixes

IBM strongly recommends addressing the vulnerability now.
Download the latest version of IBM Storage Ceph and upgrade to 6.1z5 or later by following instructions.

<https://public.dhe.ibm.com/ibmdl/export/pub/storage/ceph/>
<https://www.ibm.com/docs/en/storage-ceph/6?topic=upgrading>

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmstorage_cephMatch7.0

ibmstorage_cephMatch1

ibmstorage_cephMatch6.0

ibmstorage_cephMatch6.1

ibmstorage_cephMatch4

ibmstorage_cephMatch5.3

ibmstorage_cephMatch1

ibmstorage_cephMatch6

VendorProductVersionCPE
ibmstorage_ceph7.0cpe:2.3:a:ibm:storage_ceph:7.0:*:*:*:*:*:*:*
ibmstorage_ceph1cpe:2.3:a:ibm:storage_ceph:1:*:*:*:*:*:*:*
ibmstorage_ceph6.0cpe:2.3:a:ibm:storage_ceph:6.0:*:*:*:*:*:*:*
ibmstorage_ceph6.1cpe:2.3:a:ibm:storage_ceph:6.1:*:*:*:*:*:*:*
ibmstorage_ceph4cpe:2.3:a:ibm:storage_ceph:4:*:*:*:*:*:*:*
ibmstorage_ceph5.3cpe:2.3:a:ibm:storage_ceph:5.3:*:*:*:*:*:*:*
ibmstorage_ceph6cpe:2.3:a:ibm:storage_ceph:6:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	storage_ceph	7.0	cpe:2.3:a:ibm:storage_ceph:7.0:::::::*
ibm	storage_ceph	1	cpe:2.3:a:ibm:storage_ceph:1:::::::*
ibm	storage_ceph	6.0	cpe:2.3:a:ibm:storage_ceph:6.0:::::::*
ibm	storage_ceph	6.1	cpe:2.3:a:ibm:storage_ceph:6.1:::::::*
ibm	storage_ceph	4	cpe:2.3:a:ibm:storage_ceph:4:::::::*
ibm	storage_ceph	5.3	cpe:2.3:a:ibm:storage_ceph:5.3:::::::*
ibm	storage_ceph	6	cpe:2.3:a:ibm:storage_ceph:6:::::::*