Multiple vulnerabilities in IBM Directory Server and IBM Directory Suite products

Published: 2023-05-24

Risk	Medium
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2022-22476 CVE-2022-34165
CWE-ID	CWE-290 CWE-444
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	IBM Security Directory Suite Other software / Other software solutions IBM Security Directory Server Other software / Other software solutions
Vendor	IBM Corporation

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Authentication Bypass by Spoofing

EUVDB-ID: #VU65845

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-22476

CWE-ID: CWE-290 - Authentication Bypass by Spoofing

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute identity spoofing attacks.

The vulnerability exists due to an unspecified error in IBM WebSphere Application Server Liberty. A remote authenticated user can send a specially crafted request to perform identity spoofing attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Security Directory Suite: before 8.0.1.19

IBM Security Directory Server: before 6.4.0.27

External links

http://www.ibm.com/support/pages/node/6997581

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Inconsistent interpretation of HTTP requests

EUVDB-ID: #VU69209

Risk: Medium

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34165

CWE-ID: CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')