IBM Security SOAR uses an older version of Apache Tomcat (9.0.63) that may be identified and exploited. An update has been released which addresses these issues. The version of Apache Tomcat included in the latest version of IBM Security SOAR is 9.0.68.
CVEID: CVE-2022-42252
**DESCRIPTION:** Apache Tomcat is vulnerable to HTTP request smuggling, caused by the failure to reject a request containing an invalid Content-Length header when configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
CVSS Base score: 4.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/239171 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
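The weak setting the description names is the Connector attribute rejectIllegalHeader="false", which makes Tomcat accept requests carrying an invalid Content-Length header instead of rejecting them. The following audit script is an added example, not IBM's or Apache Tomcat's own code: it parses a constructed server.xml embedded in the script, reports every Connector that explicitly sets rejectIllegalHeader to false, and compares a Tomcat version string against 9.0.68, the version the bulletin cites as shipping with the fixed release. The sample XML and the version string passed in are constructed for the demonstration; the attribute name and the 9.0.68 threshold come from the bulletin.

```python
"""Audit a Tomcat server.xml for the lenient header setting named in the bulletin.

Added example; not IBM's or Apache Tomcat's own code. Assumes the Tomcat 9
Connector attribute rejectIllegalHeader (default true) and a constructed
server.xml embedded below.
"""
import xml.etree.ElementTree as ET

# Constructed sample server.xml: one Connector left at the default (reject),
# one explicitly set to tolerate invalid headers (the risky configuration).
SAMPLE_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" />
    <Connector port="8081" protocol="HTTP/1.1" rejectIllegalHeader="false" />
  </Service>
</Server>
"""

# Tomcat version shipped with the fixed IBM SOAR release, per the bulletin.
FIXED_TOMCAT = (9, 0, 68)


def parse_version(text: str) -> tuple:
    """Turn '9.0.63' into (9, 0, 63) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.strip().split("."))


def tomcat_needs_update(version: str) -> bool:
    """True when the running Tomcat is older than the version the bulletin cites as fixed."""
    return parse_version(version) < FIXED_TOMCAT


def find_lenient_connectors(server_xml: str) -> list:
    """Return the port of every Connector that sets rejectIllegalHeader="false".

    A Connector without the attribute keeps Tomcat's default (reject invalid
    headers), so only an explicit "false" is reported.
    """
    root = ET.fromstring(server_xml)
    flagged = []
    for connector in root.iter("Connector"):
        value = connector.get("rejectIllegalHeader", "true").strip().lower()
        if value == "false":
            flagged.append(connector.get("port", "<no port>"))
    return flagged


def audit(server_xml: str, tomcat_version: str) -> dict:
    """Combine both checks into one report for a host."""
    return {
        "tomcat_version": tomcat_version,
        "tomcat_outdated": tomcat_needs_update(tomcat_version),
        "lenient_connector_ports": find_lenient_connectors(server_xml),
    }


if __name__ == "__main__":
    # Constructed input: the Tomcat version the bulletin lists as affected.
    print(audit(SAMPLE_SERVER_XML, "9.0.63"))
```

On a real host, read the deployed server.xml and the Tomcat version from the installation instead of the embedded sample; a Connector reported here should be returned to the default, and a version below 9.0.68 means the IBM SOAR upgrade in the Remediation section still applies.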
| Affected Product(s) | Version(s) |
|---|---|
| IBM Security SOAR | 47.0 and earlier |
IBM encourages customers to promptly update their systems.
Users must upgrade to v47.1 or higher of IBM SOAR in order to obtain a fix for this vulnerability.
You can upgrade the platform and apply the security updates by following the instructions in the "Upgrade Procedure" section in the IBM Documentation.
Workarounds and Mitigations: None
| CPE | Name | Operator | Version |
|---|---|---|---|
| | ibm security soar | le | 47.0 |