Multiple vulnerabilities in IBM Cloud Pak for Security (CP4S)
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 28 |
| CVE-ID | CVE-2022-37599 CVE-2023-33201 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215 CVE-2022-35256 CVE-2022-32212 CVE-2022-35255 CVE-2022-24999 CVE-2022-43548 CVE-2020-23064 CVE-2022-38778 CVE-2023-34981 CVE-2022-25927 CVE-2021-43138 CVE-2023-28155 CVE-2020-7788 CVE-2022-37603 CVE-2022-37601 CVE-2022-3517 CVE-2020-15168 CVE-2022-0235 CVE-2022-46175 CVE-2022-33987 CVE-2021-3807 CVE-2021-44906 CVE-2020-7598 CVE-2020-15366 |
| CWE-ID | CWE-185 CWE-90 CWE-444 CWE-703 CWE-330 CWE-94 CWE-350 CWE-79 CWE-20 CWE-200 CWE-918 CWE-770 CWE-601 CWE-400 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #9 is available. |
| Vulnerable software Subscribe |
Cloud Pak for Security (CP4S) Client/Desktop applications / Other client software |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 28 vulnerabilities.
1) Incorrect Regular Expression
EUVDB-ID: #VU70122
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-37599
CWE-ID:
CWE-185 - Incorrect Regular Expression
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input passed via the resourcePath variable to interpolateName() function in interpolateName.js. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack. MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) LDAP injection
EUVDB-ID: #VU78328
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-33201
CWE-ID:
CWE-90 - Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to improper input validation in applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability. A remote non-authenticated attacker can use a specially crafted X.509 certificate to bypass authentication process and gain unauthorized access to the application.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Inconsistent interpretation of HTTP requests
EUVDB-ID: #VU65275
Risk: Medium
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32213
CWE-ID:
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform HTTP request smuggling attacks.
The vulnerability exists due to improper validation of HTTP requests. A remote attacker can send a specially-crafted request to lead to HTTP Request Smuggling to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Inconsistent interpretation of HTTP requests
EUVDB-ID: #VU65278
Risk: Medium
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32214
CWE-ID:
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform HTTP request smuggling attacks.
The vulnerability exists due to llhttp parser in the http module does not strictly use the CRLF sequence to delimit HTTP requests. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Inconsistent interpretation of HTTP requests
EUVDB-ID: #VU65282
Risk: Medium
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32215
CWE-ID:
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform HTTP request smuggling attacks.
The vulnerability exists due to llhttp parser in the http module does not correctly handle multi-line Transfer-Encoding headers. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Inconsistent interpretation of HTTP requests
EUVDB-ID: #VU67850
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-35256
CWE-ID:
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform HTTP request smuggling attacks.
The vulnerability exists due to improper validation of HTTP requests. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper Check or Handling of Exceptional Conditions
EUVDB-ID: #VU65273
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-32212
CWE-ID:
CWE-703 - Improper Check or Handling of Exceptional Conditions
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to IsIPAddress does not properly checks if an IP address is invalid or not. A remote unauthenticated attacker can exploit this vulnerability to bypass the IsAllowedHost check and execute arbitrary code on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Use of insufficiently random values
EUVDB-ID: #VU67849
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-35255
CWE-ID:
CWE-330 - Use of Insufficiently Random Values
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to decrypt sensitive information.
The vulnerability exists due to usage of weak randomness in WebCrypto keygen within the SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. A remote attacker can decrypt sensitive information.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Prototype pollution
EUVDB-ID: #VU69675
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2022-24999
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation. A remote attacker can send a specially crafted request and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
10) Reliance on Reverse DNS Resolution for a Security-Critical Action
EUVDB-ID: #VU69354
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-43548
CWE-ID:
CWE-350 - Reliance on Reverse DNS Resolution for a Security-Critical Action
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform DNS rebinding attacks.
The vulnerability exists due to improper validation of octal IP address within the Node.js rebinding protector for --inspec. A remote attacker can
resolve the invalid octal address via DNS. When combined with an active
--inspect session, such as when using VSCode, an attacker can perform DNS
rebinding and execute arbitrary code in client's browser.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Cross-site scripting
EUVDB-ID: #VU80757
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-23064
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in jQuery 2. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Input validation error
EUVDB-ID: #VU80756
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-38778
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote user can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Information disclosure
EUVDB-ID: #VU77622
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-34981
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to HTTP headers are not set in a response. A remote attacker can send a specially crafted HTTP request and gain unauthorized access to sensitive information on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Incorrect Regular Expression
EUVDB-ID: #VU73969
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25927
CWE-ID:
CWE-185 - Incorrect Regular Expression
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation passed via the trim() function. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Prototype pollution
EUVDB-ID: #VU62361
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-43138
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges within the application.
The vulnerability exists due to improper input validation when handling data passed via the mapValues() method. A remote attacker can send a specially crafted request and escalate privileges within the application.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Server-Side Request Forgery (SSRF)
EUVDB-ID: #VU76617
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-28155
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Prototype pollution
EUVDB-ID: #VU66955
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-7788
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation when handling INI files. A remote attacker can pass a specially crafted INI file to the application and perform prototype pollution attacks.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Incorrect Regular Expression
EUVDB-ID: #VU70121
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-37603
CWE-ID:
CWE-185 - Incorrect Regular Expression
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when processing URL within the interpolateName() function in interpolateName.js. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Prototype pollution
EUVDB-ID: #VU70123
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-37601
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform prototype pollution attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the parseQuery() function in parseQuery.js. A remote attacker can inject and execute arbitrary JavaScript code.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Incorrect Regular Expression
EUVDB-ID: #VU69942
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-3517
CWE-ID:
CWE-185 - Incorrect Regular Expression
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient input validation when processing regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Allocation of Resources Without Limits or Throttling
EUVDB-ID: #VU63702
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-15168
CWE-ID:
CWE-770 - Allocation of Resources Without Limits or Throttling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to node-fetch does not honor the size option after following a redirect. A remote attacker can pass specially crafted data to the application and perform a denial of service attack.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Information disclosure
EUVDB-ID: #VU61471
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-0235
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the application follows the "Location" HTTP header redirect and passes authorization cookie to a third-party resource. A remote attacker can gain access to sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Prototype pollution
EUVDB-ID: #VU71577
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-46175
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the JSON5.parse() function. A remote attacker can inject and execute arbitrary script code.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Open redirect
EUVDB-ID: #VU66400
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-33987
CWE-ID:
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to requested URLs are not verified and allow open redirection to a local UNIX socket. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Input validation error
EUVDB-ID: #VU57967
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3807
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when matching crafted invalid ANSI escape codes in ansi-regex. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Resource exhaustion
EUVDB-ID: #VU64030
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-44906
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Prototype pollution
EUVDB-ID: #VU26151
Risk: Medium
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-7598
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can inject and execute arbitrary script code.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Prototype pollution
EUVDB-ID: #VU55498
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-15366
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can inject and execute arbitrary script code.
MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Security (CP4S): 1.10.0.0 - 1.10.14.0
CPE2.3- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.14.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.13.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:cloud_pak_for_security:1.10.8.0:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7031754
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
