Multiple vulnerabilities in IBM PowerSC



Published: 2023-01-25
Risk Medium
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2022-32206
CVE-2022-32207
CVE-2022-32208
CVE-2022-32205
CVE-2022-35252
CWE-ID CWE-400
CWE-276
CWE-347
CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
PowerSC
Operating systems & Components / Operating system

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Resource exhaustion

EUVDB-ID: #VU64682

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32206

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insecure processing of compressed HTTP responses. A malicious server can send a specially crafted HTTP response to curl and perform a denial of service attack by forcing curl to spend enormous amounts of allocated heap memory, or trying to and returning out of memory errors.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PowerSC: All versions


CPE2.3 External links

http://www.ibm.com/support/pages/node/6856467

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Incorrect default permissions

EUVDB-ID: #VU64684

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-32207

CWE-ID: CWE-276 - Incorrect Default Permissions

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to incorrect default permissions set to cookies, alt-svc and hsts data stored in local files. A local user with ability to read such files can gain access to potentially sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PowerSC: All versions


CPE2.3 External links

http://www.ibm.com/support/pages/node/6856467

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Improper Verification of Cryptographic Signature

EUVDB-ID: #VU64685

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32208

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to improper handling of message verification failures when performing FTP transfers secured by krb5. A remote attacker can perform MitM attack and manipulate data.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PowerSC: All versions


CPE2.3 External links

http://www.ibm.com/support/pages/node/6856467

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Resource exhaustion

EUVDB-ID: #VU64681

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32205

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to curl does not impose limits to the size of cookies stored in the system. A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and consume all available disk space.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PowerSC: All versions


CPE2.3 External links

http://www.ibm.com/support/pages/node/6856467

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Input validation error

EUVDB-ID: #VU66881

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-35252

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the way curl handles cookies with control codes (byte values below 32). When cookies that contain such control codes are later sent back to an HTTP(S) server, it might make the server return a 400 response, effectively allowing a "sister site" to deny service to siblings.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PowerSC: All versions


CPE2.3 External links

http://www.ibm.com/support/pages/node/6856467

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###