This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Firewall_Head
Explorer
‎2024-11-03 09:34 PM

CVE-2024-27267 java vulnerability of IBM

Dear Checkmates,

Please let me know if Check Point is affected by this vulnerability, if not kindly leave a link to the article that discusses about this CVE.

=======

Thanks & Regards,

FirewallHead

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
‎2024-11-04 10:14 AM

I would engage with the TAC here: https://help.checkpoint.com 

Lesley
Mentor Mentor
Mentor
‎2024-11-05 01:45 PM

This one is for IBM:

CVEID:   CVE-2024-27267
DESCRIPTION:   The Object Request Broker (ORB) in IBM SDK, Java Technology Edition is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/284573 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM SDK, Java Technology Edition 7.1.0.0 - 7.1.5.18 (restricted access)
IBM SDK, Java Technology Edition 8.0.0.0 - 8.0.8.26


For detailed information on which CVEs affect which releases, please refer to the IBM SDK, Java Technology Edition Security Vulnerabilities page.


-------
If you like this post please give a thumbs up(kudo)! 🙂
G_W_Albrecht
Legend Legend
Legend
‎2024-11-06 01:10 AM
In response to Lesley

# java -version
java version "1.8.0_401"
Java(TM) SE Runtime Environment (build 8.0.8.21 - pxi3280sr8fp21-20240221_01(SR8 FP21))
IBM J9 VM (build 2.9, JRE 1.8.0 Linux x86-32-Bit 20240216_65882 (JIT enabled, AO T enabled)
OpenJ9 - 6a2a245
OMR - 9440e34
IBM - 7394519)
JCL - 20231221_01 based on Oracle jdk8u401-b10

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
PhoneBoy
Admin
Admin
‎2024-11-06 07:14 AM

In general, the ability to exploit the vulnerabilities here are low since:

  • Gateways don't actually use java (though the binaries are there)
  • On Management, the relevant Java processes are reversed proxied through Apache, which limits the external traffic that can reach the inner processes and thus exploit the relevant CVE.

It appears that we are planning to release fixes in upcoming JHFs, in any case.
TAC should be consulted for further details: https://help.checkpoint.com 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top