Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM108CD732E67281E5823508471F3173ED6DFA2A9E5ED5BB8DAB2E8E90BE59683D
HistorySep 27, 2023 - 1:24 p.m.

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

2023-09-2713:24:58
www.ibm.com
12
ibm soar qradar plugin
known vulnerabilities
denial of service
security bypass
pallets werkzeug
python-requests
pypa setuptools
trustcor
certifi

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.2%

JSON

Summary

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs.

Vulnerability Details

CVEID:CVE-2023-25577
**DESCRIPTION:**Pallets Werkzeug is vulnerable to a denial of service, caused by a flaw when parsing multipart form data with many fields. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/247557 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-23934
**DESCRIPTION:**Pallets Werkzeug could allow a remote attacker to bypass security restrictions, caused by improper input validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to set a cookie like =__Host-test=bad for another subdomain.
CVSS Base score: 2.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/247553 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N)

CVEID:CVE-2019-14806
**DESCRIPTION:**Pallets Werkzeug could provide weaker than expected security, caused by an insufficient debugger PIN randomness issue when used with Docker. A remote attacker could exploit this vulnerability to launch further attacks on the system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/165078 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID:CVE-2023-32681
**DESCRIPTION:**python-requests could allow a remote attacker to obtain sensitive information, caused by the leaking of Proxy-Authorization headers to destination servers during redirects to an HTTPS origin. By persuading a victim to click on a specially crafted URL, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/256114 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N)

CVEID:CVE-2022-23491
**DESCRIPTION:**An unspecified error in with TrustCor’s ownership also operated a business that produced spyware in Certifi has an unknown impact and attack vector.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/241627 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N)

CVEID:CVE-2022-40897
**DESCRIPTION:**Pypa Setuptools is vulnerable to a denial of service, caused by improper input validation. By sending request with a specially crafted regular expression, an remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/243028 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM SOAR QRadar Plugin App 1.0 - 5.0.0

Remediation/Fixes

IBM encourages customers to update their systems promptly.

Follow this link to update to 5.0.3.

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm security qradar siemeq5.0.0

Related

ibm 33
oraclelinux 2
redos 2
nessus 47
ubuntu 2
openvas 33
debian 2
fedora 8
osv 17
redhat 4
debiancve 5
redhatcve 5
suse 2
cbl_mariner 2
veracode 5
mageia 3
cve 5
prion 5
ubuntucve 5
github 4
cvelist 4
f5 1
amazon 2
githubexploit 1
ibm
ibm
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Pallets Werkzeug
2023-05-02 21:56:46
Security Bulletin: IBM Watson Assistant for Cloud pak for Data is affected by vulnerabilities in Pallets Werkzeug .
2023-03-15 21:25:40
Security Bulletin: Vulnerability in Werkzeug affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)
2023-04-03 13:26:23
oraclelinux
oraclelinux
python-werkzeug security update
2023-08-06 00:00:00
python27:2.7 security and bug fix update
2023-11-18 00:00:00
redos
redos
ROS-20230428-03
2023-04-28 00:00:00
ROS-20230619-03
2023-06-19 00:00:00
nessus
nessus
Debian DLA-3346-1 : python-werkzeug - LTS security update
2023-02-27 00:00:00
EulerOS 2.0 SP5 : python-werkzeug (EulerOS-SA-2023-2167)
2023-06-09 00:00:00
RHEL 9 : Red Hat OpenStack Platform 17.0 (python-werkzeug) (RHSA-2023:1018)
2024-04-28 00:00:00
ubuntu
ubuntu
Werkzeug vulnerabilities
2023-06-20 00:00:00
Werkzeug vulnerabilities
2023-03-13 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for python-werkzeug (EulerOS-SA-2023-2167)
2023-06-09 00:00:00
Debian: Security Advisory (DLA-3346-1)
2023-02-28 00:00:00
Debian: Security Advisory (DSA-5470-1)
2023-08-07 00:00:00
debian
debian
[SECURITY] [DLA 3346-1] python-werkzeug security update
2023-02-27 18:21:56
[SECURITY] [DSA 5470-1] python-werkzeug security update
2023-08-06 12:39:03
fedora
fedora
[SECURITY] Fedora 37 Update: mingw-python-werkzeug-2.2.3-1.fc37
2023-03-16 18:33:59
[SECURITY] Fedora 38 Update: mingw-python-werkzeug-2.2.3-1.fc38
2023-03-11 04:07:29
[SECURITY] Fedora 36 Update: mingw-python-certifi-2022.12.7-1.fc36
2023-03-30 01:16:08
osv
osv
python-werkzeug - security update
2023-02-27 00:00:00
python-werkzeug - security update
2023-08-06 00:00:00
python-werkzeug vulnerabilities
2023-03-13 15:08:20
redhat
redhat
(RHSA-2023:1018) Important: Red Hat OpenStack Platform 17.0 (python-werkzeug) security update
2023-02-28 15:40:53
(RHSA-2023:1281) Important: Red Hat OpenStack Platform (python-werkzeug) security update
2023-03-15 19:44:49
(RHSA-2023:7042) Moderate: python27:2.7 security and bug fix update
2023-11-14 08:43:31
debiancve
debiancve
CVE-2019-14806
2019-08-09 15:15:00
CVE-2023-25577
2023-02-14 20:15:17
CVE-2023-23934
2023-02-14 20:15:17
redhatcve
redhatcve
CVE-2019-14806
2019-11-12 09:16:04
CVE-2023-23934
2023-02-16 00:29:39
CVE-2023-25577
2023-02-16 00:29:48
suse
suse
Security update for python-Werkzeug (moderate)
2019-09-17 00:00:00
Security update for python-Werkzeug (moderate)
2019-09-11 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-25577 affecting package python-werkzeug for versions less than 2.0.3-2
2023-03-09 00:25:04
CVE-2023-23934 affecting package python-werkzeug for versions less than 2.2.3-1
2023-03-24 23:57:10
veracode
veracode
Authorization Bypass
2023-02-16 07:44:36
Insecure Randomness
2019-08-13 04:28:46
Denial Of Service (DoS)
2023-02-16 08:55:19
mageia
mageia
Updated python-werkzeug packages fix security vulnerability
2020-01-05 18:37:51
Updated python-certifi packages fix security vulnerability
2023-04-15 22:03:44
Updated python-requests packages fix security vulnerability
2023-06-28 08:21:41
cve
cve
CVE-2019-14806
2019-08-09 15:15:00
CVE-2023-23934
2023-02-14 20:15:17
CVE-2022-23491
2022-12-07 22:15:00
prion
prion
Design/Logic Flaw
2019-08-09 15:15:00
Design/Logic Flaw
2023-02-14 20:15:00
Design/Logic Flaw
2022-12-07 22:15:00
ubuntucve
ubuntucve
CVE-2019-14806
2019-08-09 00:00:00
CVE-2023-23934
2023-02-14 00:00:00
CVE-2023-25577
2023-02-14 00:00:00
github
github
Pallets Werkzeug Insufficient Entropy
2019-08-21 16:15:24
Incorrect parsing of nameless cookies leads to __Host- cookies bypass
2023-02-15 15:37:03
High resource usage when parsing multipart form data with many fields
2023-02-15 15:36:26
cvelist
cvelist
CVE-2019-14806
2019-08-09 14:29:16
Wrkzeug's incorrect parsing of nameless cookies leads to __Host- cookies bypass
2023-02-14 19:56:22
Werkzeug may allow high resource usage when parsing multipart form data with many fields
2023-02-14 19:56:26
f5
f5
K000132764 : SSL Certificates in Mozilla vulnerability CVE-2022-23491
2023-02-27 00:00:00
amazon
amazon
Important: ca-certificates
2023-02-17 00:12:00
Important: ca-certificates
2023-02-17 00:02:00
githubexploit
githubexploit
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Python Requests
2023-07-22 05:24:58

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.2%

JSON
Related for 108CD732E67281E5823508471F3173ED6DFA2A9E5ED5BB8DAB2E8E90BE59683D
ibm33oraclelinux2redos2nessus47ubuntu2openvas33debian2fedora8osv17redhat4debiancve5redhatcve5suse2cbl_mariner2veracode5mageia3cve5prion5ubuntucve5github4cvelist4f51amazon2githubexploit1