IBM Security SOAR is using a component with known vulnerabilities - Elasticsearch ( CVE-2021-22144, CVE-2021-22145, CVE-2021-22147)
CVEID:CVE-2021-22144
**DESCRIPTION:**Elasticsearch is vulnerable to a denial of service, caused by an uncontrolled recursion vulnerability in the Elasticsearch Grok parser. By creating a specially crafted Grok query, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/206321 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2021-22145
**DESCRIPTION:**Elastic Elasticsearch could allow a remote authenticated attacker to obtain sensitive information, caused by an out-of-bounds read flaw in the error reporting feature. By sending a specially-crafted query, an attacker could exploit this vulnerability to obtain sensitive information from a data buffer, and use this information to launch further attacks against the affected system.
CVSS Base score: 8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/206021 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID:CVE-2021-22147
**DESCRIPTION:**Elastic Elasticsearch could allow a remote authenticated attacker to obtain sensitive information, caused by an issue when document and field level security is not applied to searchable snapshots. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain unauthorized information, and use this information to launch further attacks against the affected system.
CVSS Base score: 5.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/209426 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
Resilient OnPrem | IBM Security SOAR |
Users must upgrade to v43.0 or higher of IBM Resilient in order to obtain a fix for this vulnerability. You can upgrade the platform and apply the security updates by following the instructions in the “Upgrade Procedure” section in the IBM Documentation
None