CVE-2023-47160

Summary

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.

Severity

  • Base Score: 8.1
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
  • Exploitability Score: 2.8
  • Impact Score: 5.2
  • Exploitable: Yes

Details

The vulnerability stems from improper processing of XML input: the application's XML parser honours entity declarations supplied in the input, which allows an attacker to inject malicious XML entities. When the application expands these entities, the result is information disclosure, since an external entity can be pointed at arbitrary files on the server, potentially revealing sensitive data such as configuration files, source code, or even credentials. It can also lead to a denial-of-service (DoS) condition by consuming excessive memory resources. User interaction is required to exploit the vulnerability, as a user must submit a crafted XML file to the application.

Remediation

To mitigate this vulnerability, apply the following remediation steps:

  1. Upgrade to a patched version: Upgrade to IBM Cognos Controller version 11.0.1 Fix Pack 4 or later. This fix pack contains the necessary security patches to address the XXE vulnerability. For IBM Controller 11.1.0, apply the latest available fix pack or interim fix that addresses this CVE. Consult IBM’s official security bulletin for the most up-to-date information on available patches.

  2. Input validation: If upgrading immediately is not feasible, implement robust input validation and sanitization for all XML data that reaches Cognos Controller. This involves inspecting XML content for entity and DTD declarations and rejecting documents that carry them before they are processed. Specifically, disable or restrict the use of external entities and document type definitions (DTDs).

  3. Least privilege: Ensure that the Cognos Controller application runs with the minimum necessary privileges. Restrict access to sensitive files and resources on the server.

  4. Web Application Firewall (WAF): Consider deploying a Web Application Firewall (WAF) in front of Cognos Controller. Configure the WAF to detect and block XXE attacks.

  5. Regular Security Audits: Conduct regular security audits and penetration testing to identify and address potential vulnerabilities.
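As an added example (not IBM's code and not part of the advisory), the following Python screen shows what steps 2 and 4 amount to in practice: a gateway in front of the application flags any DOCTYPE, entity declaration or external entity reference in a submitted document and never fetches the entity itself. The two sample documents are constructed; the entity target is a placeholder path.

```python
import xml.parsers.expat as expat

# Constructed sample inputs: a clean report and one carrying a DTD with an
# external entity, the shape of input the advisory says the product mishandles.
CLEAN_DOC = b'<?xml version="1.0"?><report><period>2023-12</period></report>'
DTD_DOC = (b'<?xml version="1.0"?>\n'
           b'<!DOCTYPE report [ <!ENTITY leak SYSTEM "file:///constructed/placeholder"> ]>\n'
           b'<report><period>&leak;</period></report>')


def screen_xml(data):
    """Return a list of findings for an XML submission.

    An empty list means no DTD, no entity declaration and no external entity
    reference was seen. The document is parsed with expat for structure only;
    nothing is ever resolved against the filesystem or the network.
    """
    findings = []

    def on_doctype(name, sysid, pubid, has_internal_subset):
        findings.append(f"DOCTYPE '{name}' declared "
                        f"(internal subset: {bool(has_internal_subset)})")

    def on_entity(name, is_param, value, base, sysid, pubid, notation):
        kind = "external" if sysid is not None else "internal"
        findings.append(f"{kind} entity '{name}' declared")

    def on_external_ref(context, base, sysid, pubid):
        findings.append(f"external entity reference to {sysid!r}")
        # Report the reference as handled without creating a sub-parser,
        # so expat skips it and nothing is fetched.
        return 1

    p = expat.ParserCreate()
    p.StartDoctypeDeclHandler = on_doctype
    p.EntityDeclHandler = on_entity
    p.ExternalEntityRefHandler = on_external_ref
    try:
        p.Parse(data, True)
    except expat.ExpatError as e:
        # Malformed input is rejected as well: the application should never see it.
        findings.append(f"malformed XML: {e}")
    return findings


def is_safe_to_forward(data):
    """Gateway decision: forward only documents with no findings."""
    return not screen_xml(data)
```

Blocking on any DOCTYPE is deliberate: legitimate Cognos Controller submissions have no need for one, and a blanket rule is far easier to audit than a list of known-bad entity patterns.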

Assigner

Date

  • Published Date: 2023-12-08
  • Updated Date: 2024-01-11 15:33:09
