SB2022092202 - Multiple vulnerabilities in IBM Security Guardium Insights

Published: September 22, 2022 Updated: June 7, 2024

Security Bulletin ID: SB2022092202
Severity: High
Patch available: YES
Number of vulnerabilities: 4
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

High 25%, Medium 75%

Description

This security bulletin contains information about 4 security vulnerabilities.


1) Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (CVE-ID: CVE-2021-3538)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in github.com/satori/go.uuid due to insecure randomness in the g.rand.Read() function. A remote attacker can trigger the vulnerability to execute arbitrary code on the target system.
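As an added example (not code from the bulletin or from the go.uuid project), the following program shows the defensive shape a random-UUID generator should have: the 16 bytes come from crypto/rand, io.ReadFull refuses to proceed unless every byte was filled, and any failure of the entropy source is returned to the caller instead of being ignored. The consumer-side CheckV4 rejects the nil UUID and any value whose version or variant bits are wrong. NewV4From, NewV4, CheckV4 and the UUID type are names chosen for this example, not the library's API.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
)

// UUID is a 128-bit RFC 4122 identifier held as raw bytes.
type UUID [16]byte

// ErrMalformed is returned by CheckV4 for identifiers that do not carry the
// version-4 / RFC 4122 variant bits, or that are the all-zero nil UUID.
var ErrMalformed = errors.New("uuid: not a well-formed version-4 UUID")

// NewV4From builds a random (version 4) UUID from r. io.ReadFull only
// succeeds when all 16 bytes were filled; a short or failed read is returned
// to the caller rather than ignored, so a broken entropy source can never be
// silently turned into a predictable identifier. (Helper written for this
// example, not the go.uuid API.)
func NewV4From(r io.Reader) (UUID, error) {
	var u UUID
	if _, err := io.ReadFull(r, u[:]); err != nil {
		return UUID{}, fmt.Errorf("uuid: entropy read failed: %w", err)
	}
	u[6] = (u[6] & 0x0f) | 0x40 // version 4 in the high nibble of byte 6
	u[8] = (u[8] & 0x3f) | 0x80 // RFC 4122 variant (binary 10) in the top two bits of byte 8
	return u, nil
}

// NewV4 is NewV4From over the operating system CSPRNG.
func NewV4() (UUID, error) { return NewV4From(rand.Reader) }

// Version returns the version nibble (4 for random UUIDs).
func (u UUID) Version() byte { return u[6] >> 4 }

// VariantBits returns the top two bits of byte 8 (binary 10, i.e. 2, for RFC 4122).
func (u UUID) VariantBits() byte { return u[8] >> 6 }

// String renders the canonical 8-4-4-4-12 hexadecimal form.
func (u UUID) String() string {
	h := hex.EncodeToString(u[:])
	return h[0:8] + "-" + h[8:12] + "-" + h[12:16] + "-" + h[16:20] + "-" + h[20:32]
}

// CheckV4 is the consumer-side sanity check: it rejects the nil UUID (what a
// caller would receive if generation were skipped or zero-filled) and any
// value whose version or variant bits are not those of a random UUID.
func CheckV4(u UUID) error {
	if u == (UUID{}) {
		return fmt.Errorf("%w: nil UUID", ErrMalformed)
	}
	if u.Version() != 4 || u.VariantBits() != 2 {
		return fmt.Errorf("%w: version %d, variant bits %d", ErrMalformed, u.Version(), u.VariantBits())
	}
	return nil
}

func main() {
	for i := 0; i < 3; i++ {
		u, err := NewV4()
		if err != nil {
			// Fail closed: never fall back to a weaker source of randomness.
			fmt.Println("generation failed:", err)
			return
		}
		fmt.Println(u, CheckV4(u))
	}
}
```

The important design choice is the error path: the generator returns an error, and the caller stops, whenever the CSPRNG could not supply all 16 bytes. A check of the version and variant bits does not prove that an identifier is unpredictable, but it does catch the nil UUID and other structurally impossible values that an ignored read error can produce.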


2) Incorrect Regular Expression (CVE-ID: CVE-2021-33502)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a regular expression whose matching time grows exponentially with the input. A remote attacker can pass specially crafted data to the application and perform a regular expression denial of service (ReDoS) attack.


3) Security features bypass (CVE-ID: CVE-2021-3450)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists because an error in the implementation of the X509_V_FLAG_X509_STRICT flag allows an attacker to overwrite a valid CA certificate using any non-CA certificate in the chain. As a result, a remote attacker can perform a MitM attack.
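As an added example (not OpenSSL code and not from the bulletin), the following program shows the rule a chain verifier must enforce, which is the property the flaw above undermined: a certificate whose basicConstraints says CA:FALSE must never be accepted as the issuer of another certificate, even when it is itself validly signed by a trusted root. The check is demonstrated with Go's crypto/x509 verifier; the certificate names, hostnames and the issue, verifyLeaf and Scenarios helpers are constructed for this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// certPair bundles a parsed certificate with its private key.
type certPair struct {
	cert *x509.Certificate
	key  *ecdsa.PrivateKey
}

// issue creates and signs a certificate for cn. With parent == nil the
// certificate is self-signed (a root). isCA sets the basicConstraints CA
// flag, the attribute a verifier must consult before letting a certificate
// act as an issuer. (Constructed helper for this example.)
func issue(cn string, isCA bool, serial int64, parent *certPair) (*certPair, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              x509.KeyUsageDigitalSignature,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
		tmpl.DNSNames = []string{cn}
	}
	parentCert, signer := tmpl, key
	if parent != nil {
		parentCert, signer = parent.cert, parent.key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parentCert, &key.PublicKey, signer)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, err
	}
	return &certPair{cert: cert, key: key}, nil
}

// verifyLeaf validates leaf -> intermediate -> root the way a TLS client
// would, with root as the only trust anchor. (Constructed helper.)
func verifyLeaf(leaf, intermediate, root *x509.Certificate, host string) error {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	inter := x509.NewCertPool()
	if intermediate != nil {
		inter.AddCert(intermediate)
	}
	_, err := leaf.Verify(x509.VerifyOptions{DNSName: host, Roots: roots, Intermediates: inter})
	return err
}

// Scenarios returns the verification result for a leaf issued by the real CA
// (goodErr) and for a leaf issued by an end-entity certificate that carries
// CA:FALSE but is itself validly signed by the root (badErr). A correct
// verifier accepts the first chain and rejects the second.
func Scenarios() (goodErr, badErr, setupErr error) {
	root, err := issue("Example Root CA", true, 1, nil)
	if err != nil {
		return nil, nil, err
	}
	goodLeaf, err := issue("good.example.test", false, 2, root)
	if err != nil {
		return nil, nil, err
	}
	// An ordinary server certificate issued by the root. It is trusted as a
	// server, but it must never be accepted as an issuer.
	nonCA, err := issue("server.example.test", false, 3, root)
	if err != nil {
		return nil, nil, err
	}
	badLeaf, err := issue("bad.example.test", false, 4, nonCA)
	if err != nil {
		return nil, nil, err
	}
	goodErr = verifyLeaf(goodLeaf.cert, nil, root.cert, "good.example.test")
	badErr = verifyLeaf(badLeaf.cert, nonCA.cert, root.cert, "bad.example.test")
	return goodErr, badErr, nil
}

func main() {
	good, bad, err := Scenarios()
	if err != nil {
		fmt.Println("setup failed:", err)
		return
	}
	fmt.Println("leaf issued by the CA:   ", good)
	fmt.Println("leaf issued by a non-CA: ", bad)
}
```

The second chain is the one to watch: every signature in it is valid and the root is trusted, so only the CA flag on the middle certificate separates it from a legitimate chain. A verifier that lets a non-CA certificate stand in for the CA, as the bulletin describes, accepts exactly this construction.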


4) NULL pointer dereference (CVE-ID: CVE-2021-3449)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error when processing TLSv1.2 renegotiations. A remote attacker can send a maliciously crafted renegotiation ClientHello message that omits the signature_algorithms extension but includes a signature_algorithms_cert extension, triggering a NULL pointer dereference error and crashing the server.

Remediation

Install the update from the vendor's website.