Multiple vulnerabilities in IBM Security Guardium
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 14 |
| CVE-ID | CVE-2016-4658 CVE-2018-8039 CVE-2017-12624 CVE-2019-11719 CVE-2020-6829 CVE-2019-17006 CVE-2019-11756 CVE-2021-30468 CVE-2021-22696 CVE-2020-1954 CVE-2020-13954 CVE-2019-12423 CVE-2019-12406 CVE-2021-39077 |
| CWE-ID | CWE-416 CWE-300 CWE-19 CWE-125 CWE-310 CWE-122 CWE-400 CWE-20 CWE-522 CWE-399 CWE-256 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
IBM Security Guardium Client/Desktop applications / Antivirus software/Personal firewalls |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 14 vulnerabilities.
1) Use-after-free
EUVDB-ID: #VU57346
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-4658
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error, caused by using namespace nodes in XPointer ranges within the xpointer.c in libxml2. A remote attackers can pass specially crated XML document to he application, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Man-in-the-middle attack
EUVDB-ID: #VU13523
Risk: Low
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-8039
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to conduct man-in-the-middle attack on the target system.
The weakness exists due to improper verification of TLS hostnames when used with the 'com.sun.net.ssl' implementation. A remote attacker can conduct a man-in-the-middle attack and bypass the hostname verification.
Install update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Data handling
EUVDB-ID: #VU11285
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12624
CWE-ID:
CWE-19 - Data Handling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to data handling. A remote attacker can send specially crafted message attachment header and cause the service to crash.
Install update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds read
EUVDB-ID: #VU33037
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-11719
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Cryptographic issues
EUVDB-ID: #VU46019
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-6829
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to usage of wNAF point multiplication algorithm when performing EC scalar point multiplication, which leaked partial information about the nonce used during signature generation. A remote attacker can perform an electro-magnetic side-channel attack and recover the private key.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Heap-based buffer overflow
EUVDB-ID: #VU47197
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-17006
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Mozilla NSS library when processing input text length while using certain cryptographic primitives. A remote attacker can pass specially crafted data to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Use-after-free
EUVDB-ID: #VU23369
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-11756
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error when processing SFTKSession object. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger a use-after-free error and crash the application or execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Resource exhaustion
EUVDB-ID: #VU56019
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-30468
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in the JsonMapObjectReaderWriter. A remote attacker can trigger resource exhaustion by submitting a malformed JSON to a web service and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Input validation error
EUVDB-ID: #VU51939
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-22696
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper validation of "request_uri" parameter by the OAuth 2 authorization service. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Man-in-the-Middle (MitM) attack
EUVDB-ID: #VU26530
Risk: Low
CVSSv3.1: 6.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1954
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a man-in-the-middle (MitM) attack.
The vulnerability exists in the JMX Integration when the "createMBServerConnectorFactory" property of the default InstrumentationManagerImpl is not disabled. A remote attacker on the same host can perform a man-in-the-middle attack and gain access to all of the information that is sent and received over JMX.
Mitigation
Install update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Improper input validation
EUVDB-ID: #VU49857
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-13954
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The vulnerability exists due to improper input validation within the Supplier Direct Fulfillment (Apache CXF) component in Oracle Retail Order Broker Cloud Service. A remote non-authenticated attacker can exploit this vulnerability to read and manipulate data.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Insufficiently protected credentials
EUVDB-ID: #VU27701
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-12423
CWE-ID:
CWE-522 - Insufficiently Protected Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access ti sensitive information.
The vulnerability exists due to the application allows a client to obtain the keys from a JWK keystore file, by setting the configuration parameter "rs.security.keystore.type" to "jwk". A remote non-authenticated attacker can obtain all private key and secret key credentials and gain unauthorized access to the application.
Install update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Resource management error
EUVDB-ID: #VU22577
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-12406
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the affected software does not restrict the number of message attachments present in a given message. A remote authenticated attacker can craft a message containing a very large number of message attachments and cause a denial of service condition on the target system.
Install update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Unprotected storage of credentials
EUVDB-ID: #VU68847
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-39077
CWE-ID:
CWE-256 - Unprotected Storage of Credentials
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to gain access to other users' credentials.
The vulnerability exists due to IBM Security Guardium stores user credentials in plain clear text which can be read by a local privileged user. A local privileged user can view contents of the configuration file and gain access to passwords for 3rd party integration.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Security Guardium: 10.5 - 11.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.4:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:10.6:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_security_guardium:11.0:*:*:*:*:*:*:
http://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-34/
http://www.ibm.com/support/pages/node/6831647
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
