Multiple vulnerabilities in IBM Cloud Pak for Security (CP4S)



Published: 2023-06-20
Risk: Medium
Patch available: YES
Number of vulnerabilities: 5
CVE-ID: CVE-2022-41940, CVE-2022-21676, CVE-2021-34141, CVE-2022-24302, CVE-2021-37533
CWE-ID: CWE-248, CWE-754, CWE-697, CWE-362, CWE-345
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Cloud Pak for Security (CP4S) (Client/Desktop applications / Other client software)
Vendor: IBM Corporation

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Uncaught Exception

EUVDB-ID: #VU77489

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-41940

CWE-ID: CWE-248 - Uncaught Exception

Exploit availability: No

Description

The vulnerability allows a remote user to perform denial of service attacks.

The vulnerability exists due to an uncaught exception. A remote user can send a specially crafted HTTP request to trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Cloud Pak for Security (CP4S): before 1.10.8.0

External links

http://www.ibm.com/support/pages/node/6995207


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper Check for Unusual or Exceptional Conditions

EUVDB-ID: #VU77545

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-21676

CWE-ID: CWE-754 - Improper Check for Unusual or Exceptional Conditions

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling. A remote attacker can send a specially crafted HTTP request to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Cloud Pak for Security (CP4S): before 1.10.8.0

External links

http://www.ibm.com/support/pages/node/6995207


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Incorrect Comparison

EUVDB-ID: #VU61602

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-34141

CWE-ID: CWE-697 - Incorrect Comparison

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incomplete string comparison in the numpy.core component in NumPy. A remote attacker can pass specific string objects to the library and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Cloud Pak for Security (CP4S): before 1.10.8.0

External links

http://www.ibm.com/support/pages/node/6995207


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Race condition

EUVDB-ID: #VU61662

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-24302

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a race condition in the write_private_key_file() function between creation and chmod operations. A local user can exploit the race and gain unauthorized access to sensitive information.
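The create-then-chmod window described above, next to a creation call that sets restrictive permissions atomically. This is an added example, not code from the affected library or the vendor's patch; the function names, file names and key text are constructed for illustration, and POSIX permission semantics are assumed.

```python
import os
import stat
import tempfile

# Constructed placeholder, not real key material.
KEY = "-----CONSTRUCTED PLACEHOLDER, NOT A KEY-----\n"

def write_key_racy(path, data):
    """Create, write, then chmod. Until chmod runs, the file carries
    umask-derived permissions and other local users may open it."""
    with open(path, "w") as f:
        # Mode a concurrent local reader would see during the window.
        window_mode = stat.S_IMODE(os.fstat(f.fileno()).st_mode)
        f.write(data)
    os.chmod(path, 0o600)
    return window_mode

def write_key_atomic(path, data):
    """Request 0o600 at creation so there is no permissive window.
    O_EXCL refuses a pre-existing file, whose (possibly loose) mode
    would otherwise be kept because the mode argument is ignored."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        window_mode = stat.S_IMODE(os.fstat(f.fileno()).st_mode)
        f.write(data)
    return window_mode

def demo():
    """Return the modes visible while each writer still has the file open."""
    old_umask = os.umask(0o022)  # a common default, fixed for repeatability
    try:
        with tempfile.TemporaryDirectory() as d:
            racy = write_key_racy(os.path.join(d, "racy.key"), KEY)
            safe = write_key_atomic(os.path.join(d, "safe.key"), KEY)
            return racy, safe
    finally:
        os.umask(old_umask)

if __name__ == "__main__":
    racy, safe = demo()
    print(f"create-then-chmod window mode: {racy:o}")
    print(f"atomic creation mode:          {safe:o}")
```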

Mitigation

Install update from vendor's website.

Vulnerable software versions

Cloud Pak for Security (CP4S): before 1.10.8.0

External links

http://www.ibm.com/support/pages/node/6995207


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Insufficient verification of data authenticity

EUVDB-ID: #VU70441

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-37533

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows an attacker to redirect the victim to a malicious host.

The vulnerability exists because the application trusts the host from the PASV response by default. A remote attacker can trick the victim into connecting to an attacker-controlled FTP server and then redirect the application to another host.
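A client-side check for the behaviour described above: parse the 227 reply and, unless explicitly told otherwise, open the data connection to the control connection's peer rather than to the host the server advertises. This is an added example, not the affected component's code or its fix; the function names, the `trust_pasv_host` parameter and the sample replies (documentation-range addresses) are constructed for illustration.

```python
import ipaddress
import re

# "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)"
_PASV_RE = re.compile(
    r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)"
)

def parse_pasv(reply):
    """Return (IPv4Address, port) advertised in a PASV reply."""
    m = _PASV_RE.match(reply.strip())
    if not m:
        raise ValueError("not a well-formed 227 reply")
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in 227 reply")
    host = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return host, nums[4] * 256 + nums[5]

def data_endpoint(reply, control_peer, trust_pasv_host=False):
    """Choose where to open the data connection.

    Returns (host, port, overridden). By default the advertised host is
    ignored when it differs from the control connection's peer, so the
    server cannot steer the client to a third host."""
    advertised, port = parse_pasv(reply)
    peer = ipaddress.IPv4Address(control_peer)
    if advertised == peer or trust_pasv_host:
        return str(advertised), port, False
    return str(peer), port, True

if __name__ == "__main__":
    # Constructed replies: the control connection peer is 192.0.2.10.
    samples = [
        "227 Entering Passive Mode (192,0,2,10,19,137).",
        "227 Entering Passive Mode (198,51,100,7,19,137).",
    ]
    for line in samples:
        host, port, overridden = data_endpoint(line, "192.0.2.10")
        note = "advertised host ignored" if overridden else "host matches peer"
        print(f"{line!r} -> {host}:{port} ({note})")
```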

Mitigation

Install update from vendor's website.

Vulnerable software versions

Cloud Pak for Security (CP4S): before 1.10.8.0

External links

http://www.ibm.com/support/pages/node/6995207


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


