Multiple vulnerabilities in IBM Security Verify Governance
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2022-0778 CVE-2022-28733 CVE-2022-28734 CVE-2021-40528 |
| CWE-ID | CWE-835 CWE-191 CWE-787 CWE-327 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software |
IBM Security Verify Governance Server applications / Other server solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Infinite loop
EUVDB-ID: #VU61391
Risk: Medium
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2022-0778
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the BN_mod_sqrt() function when processing an ASN.1 certificate that contains elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. A remote attacker can supply a specially crafted certificate to the TLS server or client, consume all available system resources and cause denial of service conditions.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Verify Governance: 10.0.1 - 10.0.1.0.2
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_verify_governance:10.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_security_verify_governance:10.0.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_security_verify_governance:10.0.1.0.2:*:*:*:*:*:*:*
http://www.ibm.com/support/pages/node/6849249
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Integer underflow
EUVDB-ID: #VU64062
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2022-28733
CWE-ID:
CWE-191 - Integer underflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer underflow when processing IP packets within the grub_net_recv_ip4_packets() function. A remote attacker can send specially crafted network traffic to the affected system, trigger an integer underflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Verify Governance: 10.0.1 - 10.0.1.0.2
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_verify_governance:10.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_security_verify_governance:10.0.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_security_verify_governance:10.0.1.0.2:*:*:*:*:*:*:*
http://www.ibm.com/support/pages/node/6849249
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds write
EUVDB-ID: #VU64063
Risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-28734
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing split HTTP headerst. A remote attacker can send specially crafted traffic to the affected system, trigger an out-of-bounds write and execute arbitrary code on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Verify Governance: 10.0.1 - 10.0.1.0.2
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_verify_governance:10.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_security_verify_governance:10.0.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_security_verify_governance:10.0.1.0.2:*:*:*:*:*:*:*
http://www.ibm.com/support/pages/node/6849249
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Use of a broken or risky cryptographic algorithm
EUVDB-ID: #VU56685
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-40528
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to use of a broken or risky cryptographic algorithm in the ElGamal implementation. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Verify Governance: 10.0.1 - 10.0.1.0.2
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_verify_governance:10.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_security_verify_governance:10.0.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_security_verify_governance:10.0.1.0.2:*:*:*:*:*:*:*
http://www.ibm.com/support/pages/node/6849249
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
