Multiple vulnerabilities in IBM Cloud Pak System
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2022-28693 CVE-2022-29901 CVE-2022-23816 CVE-2022-23825 |
| CWE-ID | CWE-1037 CWE-843 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
IBM Cloud Pak System Server applications / Server solutions for antivurus protection |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Processor optimization removal or modification of security-critical code
EUVDB-ID: #VU65221
Risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-28693
CWE-ID:
CWE-1037 - Processor optimization removal or modification of security-critical code
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to unprotected alternative channel of return branch target prediction. A local user can gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak System: 2.3.3.0 - 2.3.3.5
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:2.3.3.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:2.3.3.1:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:2.3.3.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/6966316
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Processor optimization removal or modification of security-critical code
EUVDB-ID: #VU65220
Risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-29901
CWE-ID:
CWE-1037 - Processor optimization removal or modification of security-critical code
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to the way non-transparent sharing of branch predictor targets between contexts. A local user can exploit the vulnerability to gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak System: 2.3.3.0 - 2.3.3.5
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:2.3.3.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:2.3.3.1:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:2.3.3.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/6966316
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Type Confusion
EUVDB-ID: #VU65219
Risk: Low
CVSSv3.1: 2.2 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-23816
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a branch type confusion. A local user can force the branch predictor to predict the wrong branch type and gain access to sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Cloud Pak System: 2.3.3.0 - 2.3.3.5
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:2.3.3.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:2.3.3.1:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:2.3.3.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/6966316
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Type Confusion
EUVDB-ID: #VU65204
Risk: Low
CVSSv3.1: 2.2 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-23825
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a branch type confusion. A local user can force the branch predictor to predict the wrong branch type and gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsIBM Cloud Pak System: 2.3.3.0 - 2.3.3.5
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:2.3.3.0:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:2.3.3.1:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_cloud_pak_system:2.3.3.2:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/6966316
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
