Multiple vulnerabilities in IBM Cloud Pak System



Risk Low
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2022-26373
CVE-2022-31681
CVE-2022-31696
CVE-2022-31699
CVE-2022-31680
CWE-ID CWE-264
CWE-476
CWE-119
CWE-122
CWE-502
Exploitation vector Network
Public exploit N/A
Vulnerable software
IBM Cloud Pak System
Server applications / Server solutions for antivurus protection

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Security restrictions bypass

EUVDB-ID: #VU66549

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-26373

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to non-transparent sharing of return predictor targets between contexts in Intel CPU processors. A local user can bypass the expected architecture isolation between contexts and gain access to sensitive information on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak System: 2.3.0.1 - 2.3.3.5

CPE2.3 External links

http://www.ibm.com/support/pages/node/6856999


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) NULL pointer dereference

EUVDB-ID: #VU67979

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31681

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A local user with privileges within the VMX process only can perform a denial of service (DoS) attack against the host.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak System: 2.3.0.1 - 2.3.3.5

CPE2.3 External links

http://www.ibm.com/support/pages/node/6856999


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Buffer overflow

EUVDB-ID: #VU70077

Risk: Low

CVSSv3.1: 5.6 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31696

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in the way network socket are handled. A local privileged user can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak System: 2.3.0.1 - 2.3.3.5

CPE2.3 External links

http://www.ibm.com/support/pages/node/6856999


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Heap-based buffer overflow

EUVDB-ID: #VU70078

Risk: Low

CVSSv3.1: 2.5 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31699

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a boundary error in OpenSLP. A local user with restricted privileges within a sandbox process can trigger a heap overflow and gain access to sensitive information.


Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak System: 2.3.0.1 - 2.3.3.5

CPE2.3 External links

http://www.ibm.com/support/pages/node/6856999


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Deserialization of Untrusted Data

EUVDB-ID: #VU67978

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-31680

CWE-ID: CWE-502 - Deserialization of Untrusted Data

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to insecure input validation when processing serialized data within the Platform services controller (PSC). A remote user with administrative privileges can pass specially crafted data to the controller and execute arbitrary code on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cloud Pak System: 2.3.0.1 - 2.3.3.5

CPE2.3 External links

http://www.ibm.com/support/pages/node/6856999


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###