Risk | High |
Patch available | YES |
Number of vulnerabilities | 11 |
CVE-ID | CVE-2018-20574 CVE-2019-6285 CVE-2018-20573 CVE-2017-11692 CVE-2010-4021 CVE-2010-1324 CVE-2010-4020 CVE-2010-1323 CVE-2018-5730 CVE-2018-20217 CVE-2020-28196 |
CWE-ID | CWE-119 CWE-617 CWE-16 CWE-310 CWE-264 CWE-674 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
IBM Security Verify Access Server applications / Remote management servers, RDP, SSH |
Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 11 vulnerabilities.
EUVDB-ID: #VU36263
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-20574
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Verify Access: 10.0.0 - 10.0.4.0
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-found-in-open-source-code-that-is-shipped-with-ibm-security-verify-access/
http://www.ibm.com/support/pages/node/6601733
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU36239
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-6285
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Verify Access: 10.0.0 - 10.0.4.0
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-found-in-open-source-code-that-is-shipped-with-ibm-security-verify-access/
http://www.ibm.com/support/pages/node/6601733
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU36262
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-20573
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Verify Access: 10.0.0 - 10.0.4.0
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-found-in-open-source-code-that-is-shipped-with-ibm-security-verify-access/
http://www.ibm.com/support/pages/node/6601733
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64983
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-11692
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion in the Token& Scanner::peek() function in scanner.cpp in yaml-cpp. A remote attacker can send a specially crafted !2 string and perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Verify Access: 10.0.0 - 10.0.4.0
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-found-in-open-source-code-that-is-shipped-with-ibm-security-verify-access/
http://www.ibm.com/support/pages/node/6601733
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64985
Risk: Low
CVSSv3.1: 2.3 [CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2010-4021
CWE-ID:
CWE-16 - Configuration
Exploit availability: No
DescriptionThe vulnerability allows a remote user to modify files on the system.
The vulnerability exists due to MIT Kerberos 5 does not properly restrict the use of TGT credentials for armoring TGS requests. A remote authenticated user can impersonate a client by rewriting an inner request, aka a KrbFastReq forgery issue.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Verify Access: 10.0.0 - 10.0.4.0
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-found-in-open-source-code-that-is-shipped-with-ibm-security-verify-access/
http://www.ibm.com/support/pages/node/6601733
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64988
Risk: High
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2010-1324
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to modify files on the system.
The vulnerability exists due to MIT Kerberos 5 does not properly determine the acceptability of checksums. A remote attacker can forge GSS tokens, gain privileges, or have unspecified other impact via an unkeyed checksum, an unkeyed PAC checksum, or a KrbFastArmoredReq checksum based on an RC4 key.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Verify Access: 10.0.0 - 10.0.4.0
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-found-in-open-source-code-that-is-shipped-with-ibm-security-verify-access/
http://www.ibm.com/support/pages/node/6601733
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64997
Risk: Low
CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2010-4020
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to MIT Kerberos 5 does not reject RC4 key-derivation checksums. A remote user can forge a AD-SIGNEDPATH or AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the small key space that results from certain one-byte stream-cipher operations.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Verify Access: 10.0.0 - 10.0.4.0
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-found-in-open-source-code-that-is-shipped-with-ibm-security-verify-access/
http://www.ibm.com/support/pages/node/6601733
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU64989
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2010-1323
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the target system.
The vulnerability exists due to MIT Kerberos 5 does not properly determine the acceptability of checksums. A remote attacker can modify user-visible prompt text, modify a response to a Key Distribution Center (KDC), or forge a KRB-SAFE message via certain checksums that are unkeyed or use RC4 keys.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Verify Access: 10.0.0 - 10.0.4.0
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-found-in-open-source-code-that-is-shipped-with-ibm-security-verify-access/
http://www.ibm.com/support/pages/node/6601733
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU11076
Risk: Low
CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-5730
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to bypass security restrictions on a targeted system.
The weakness exists due to insufficient security restrictions. A remote attacker can add crafted principals to the Lightweight Directory Access Protocol (LDAP) database and bypass a DN containership check.
Install update from vendor's website.
Vulnerable software versionsIBM Security Verify Access: 10.0.0 - 10.0.4.0
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-found-in-open-source-code-that-is-shipped-with-ibm-security-verify-access/
http://www.ibm.com/support/pages/node/6601733
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU17350
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-20217
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion in in the KDC. A remote attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4) and crash the KDC by making an S4U2Self request.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Verify Access: 10.0.0 - 10.0.4.0
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-found-in-open-source-code-that-is-shipped-with-ibm-security-verify-access/
http://www.ibm.com/support/pages/node/6601733
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48444
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-28196
CWE-ID:
CWE-674 - Uncontrolled Recursion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to uncontrolled recursion in MIT Kerberos 5 (aka krb5) implementation when processing ASN.1-encoded Kerberos messages in lib/krb5/asn.1/asn1_encode.c. A remote attacker can pass specially crafted data to the application that uses Kerberos and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsIBM Security Verify Access: 10.0.0 - 10.0.4.0
External linkshttp://www.ibm.com/blogs/psirt/security-bulletin-multiple-security-vulnerabilities-found-in-open-source-code-that-is-shipped-with-ibm-security-verify-access/
http://www.ibm.com/support/pages/node/6601733
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.