Lucene search

K
ibmIBM2624255BA6BCA8692156E3B981781BF2F914D88BF73AB5BDA5DE637BD2D077C2
HistorySep 03, 2024 - 2:18 p.m.

Security Bulletin: IBM DataPower Gateway vulnerable to data truncation and DoS in Kerberos (CVE-2024-37370 & CVE-2024-37371)

2024-09-0314:18:56
www.ibm.com
9
ibm
datapower gateway
kerberos
vulnerabilities
truncation
dos
cve-2024-37370
cve-2024-37371
mitigation
ibm cloud
security bulletin

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

AI Score

8.5

Confidence

High

Summary

Kerberos is used by IBM DataPower Gateway as an optional authentication mechanism.

Vulnerability Details

**CVEID:**CVE-2024-37370 DESCRIPTION: MIT Kerberos 5 (aka krb5) could allow a remote attacker to bypass security restrictions, caused by improper access control. By sending a specially crafted request to modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, an attacker could exploit this vulnerability to cause the unwrapped token to appear truncated to the application.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/296012 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H)

**CVEID:**CVE-2024-37371 DESCRIPTION: MIT Kerberos 5 (aka krb5) is vulnerable to a denial of service, caused by an invalid memory reads during GSS message token handling. By sending specially crafted message tokens, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/296013 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM DataPower Gateway 10.5.0 10.5.0.0 - 10.5.0.12
IBM DataPower Gateway 10.6.0 10.6.0.0

Remediation/Fixes

Affected product version(s) Fixed in version APAR
IBM DataPower Gateway 10.5.0 10.5.0.13 IT46686
IBM DataPower Gateway 10.6.0 10.6.0.1 IT46686

IBM strongly recommends addressing the vulnerability now.

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmdatapower_gatewayMatch10.5.0
OR
ibmdatapower_gatewayMatch10.6.0
VendorProductVersionCPE
ibmdatapower_gateway10.5.0cpe:2.3:a:ibm:datapower_gateway:10.5.0:*:*:*:*:*:*:*
ibmdatapower_gateway10.6.0cpe:2.3:a:ibm:datapower_gateway:10.6.0:*:*:*:*:*:*:*

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

AI Score

8.5

Confidence

High