Lucene search

K
ibmIBM387AAB23E4B177AB70A86F097EA21FC4A584435D5529E1FEEAED7DBDB2B458FA
HistoryJul 10, 2024 - 2:58 p.m.

Security Bulletin: IBM DataPower Gateway vulnerable to DoS (CVE-2021-33631)

2024-07-1014:58:39
www.ibm.com
17
ibm datapower gateway
dos
integer overflow
os kernel
file-systems
versions
remediation
vulnerability

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

5.9

Confidence

High

Summary

This CVE in the OS kernel can affect mounting file-systems

Vulnerability Details

**CVEID:**CVE-2021-33631 DESCRIPTION: openEuler is vulnerable to a denial of service, caused by an integer overflow. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/280351 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM DataPower Gateway 10.5 CD 10.5.1.0 - 10.5.4.0
IBM DataPower Gateway 10.5.0 10.5.0.0 - 10.5.0.11

Remediation/Fixes

Affected product Fixed in release APAR
IBM DataPower Gateway 10.5CD 10.6.0.0 IT46276
IBM DataPower Gateway 10.5.0 10.5.0.12 IT46276

BM strongly recommends addressing the vulnerability now.

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmdatapower_gatewayMatch10.5.0
OR
ibmdatapower_gatewayMatch10.5
VendorProductVersionCPE
ibmdatapower_gateway10.5.0cpe:2.3:a:ibm:datapower_gateway:10.5.0:*:*:*:*:*:*:*
ibmdatapower_gateway10.5cpe:2.3:a:ibm:datapower_gateway:10.5:*:*:*:*:*:*:*

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

5.9

Confidence

High