Multiple vulnerabilities in IBM Security Guardium



Published: 2022-10-31
Risk High
Patch available YES
Number of vulnerabilities 14
CVE-ID CVE-2016-4658
CVE-2018-8039
CVE-2017-12624
CVE-2019-11719
CVE-2020-6829
CVE-2019-17006
CVE-2019-11756
CVE-2021-30468
CVE-2021-22696
CVE-2020-1954
CVE-2020-13954
CVE-2019-12423
CVE-2019-12406
CVE-2021-39077
CWE-ID CWE-416
CWE-300
CWE-19
CWE-125
CWE-310
CWE-122
CWE-400
CWE-20
CWE-522
CWE-399
CWE-256
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
IBM Security Guardium
Client/Desktop applications / Antivirus software/Personal firewalls

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 14 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU57346

Risk: High

CVSSv3.1:

CVE-ID: CVE-2016-4658

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error, caused by using namespace nodes in XPointer ranges within the xpointer.c in libxml2. A remote attackers can pass specially crated XML document to he application, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Man-in-the-middle attack

EUVDB-ID: #VU13523

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2018-8039

CWE-ID: CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to conduct man-in-the-middle attack on the target system.

The weakness exists due to improper verification of TLS hostnames when used with the 'com.sun.net.ssl' implementation. A remote attacker can conduct a man-in-the-middle attack and bypass the hostname verification.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Data handling

EUVDB-ID: #VU11285

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2017-12624

CWE-ID: CWE-19 - Data Handling

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to data handling. A remote attacker can send specially crafted message attachment header and cause the service to crash.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Out-of-bounds read

EUVDB-ID: #VU33037

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-11719

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Cryptographic issues

EUVDB-ID: #VU46019

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-6829

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to usage of wNAF point multiplication algorithm when performing EC scalar point multiplication, which leaked partial information about the nonce used during signature generation. A remote attacker can perform an electro-magnetic side-channel attack and recover the private key.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Heap-based buffer overflow

EUVDB-ID: #VU47197

Risk: High

CVSSv3.1:

CVE-ID: CVE-2019-17006

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in Mozilla NSS library when processing input text length while using certain cryptographic primitives. A remote attacker can pass specially crafted data to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Use-after-free

EUVDB-ID: #VU23369

Risk: High

CVSSv3.1:

CVE-ID: CVE-2019-11756

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing SFTKSession object. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger a use-after-free error and crash the application or execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Resource exhaustion

EUVDB-ID: #VU56019

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-30468

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in the JsonMapObjectReaderWriter. A remote attacker can trigger resource exhaustion by submitting a malformed JSON to a web service and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Input validation error

EUVDB-ID: #VU51939

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-22696

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper validation of "request_uri" parameter by the OAuth 2 authorization service. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) Man-in-the-Middle (MitM) attack

EUVDB-ID: #VU26530

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-1954

CWE-ID: CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a man-in-the-middle (MitM) attack.

The vulnerability exists in the JMX Integration when the "createMBServerConnectorFactory" property of the default InstrumentationManagerImpl is not disabled. A remote attacker on the same host can perform a man-in-the-middle attack and gain access to all of the information that is sent and received over JMX. 

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) Improper input validation

EUVDB-ID: #VU49857

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2020-13954

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The vulnerability exists due to improper input validation within the Supplier Direct Fulfillment (Apache CXF) component in Oracle Retail Order Broker Cloud Service. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) Insufficiently protected credentials

EUVDB-ID: #VU27701

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-12423

CWE-ID: CWE-522 - Insufficiently Protected Credentials

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access ti sensitive information.

The vulnerability exists due to the application allows a client to obtain the keys from a JWK keystore file, by setting the configuration parameter "rs.security.keystore.type" to "jwk". A remote non-authenticated attacker can obtain all private key and secret key credentials and gain unauthorized access to the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) Resource management error

EUVDB-ID: #VU22577

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2019-12406

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the affected software does not restrict the number of message attachments present in a given message. A remote authenticated attacker can craft a message containing a very large number of message attachments and cause a denial of service condition on the target system.


Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) Unprotected storage of credentials

EUVDB-ID: #VU68847

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-39077

CWE-ID: CWE-256 - Unprotected Storage of Credentials

Exploit availability: No

Description

The vulnerability allows a local privileged user to gain access to other users' credentials.

The vulnerability exists due to IBM Security Guardium stores user credentials in plain clear text which can be read by a local privileged user. A local privileged user can view contents of the configuration file and gain access to passwords for 3rd party integration.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Guardium: 10.5 - 11.4


CPE2.3 External links

http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###