Lucene search

K
ibmIBM3E895539B91ACF526D1C11B762D092A208B5E6064A69A0778877D225E68740E2
HistoryJun 28, 2023 - 7:54 p.m.

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a arbitrary code execution in SnakeYaml (CVE-2022-1471)

2023-06-2819:54:12
www.ibm.com
22
ibm
watson speech services cartridge
cloud pak for data
snakeyaml
code execution
cve-2022-1471
vulnerability
java
microservices
deserialization
upgrade

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.021

Percentile

89.3%

Summary

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a arbitrary code execution in SnakeYaml due to an unsafe deserialization in the Constructor class.(CVE-2022-1471). SnakeYaml is included as part of the java microservices in our speech services. This vulnerabilitiy has been addressed. Please read the details for remediation below

Vulnerability Details

**CVEID:**CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the Constructor class. By using a specially-crafted yaml content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 8.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/241118 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.0 - 4.6.6

Remediation/Fixes

IBM strongly recommends addressing the vulnerability now by upgrading.

Product(s)|**Version(s)
|Remediation/Fix/Instructions
—|—|—
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data| 4.7| The fix in 4.7 applies to all versions listed (4.0.0-4.6.6). Version 4.7 can be downloaded and installed from: https://www.ibm.com/docs/en/cloud-paks/cp-data
**

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmibm_speech_to_text_for_ibm_cloudMatch4.0.0
OR
ibmibm_speech_to_text_for_ibm_cloudMatch4.6.6
VendorProductVersionCPE
ibmibm_speech_to_text_for_ibm_cloud4.0.0cpe:2.3:a:ibm:ibm_speech_to_text_for_ibm_cloud:4.0.0:*:*:*:*:*:*:*
ibmibm_speech_to_text_for_ibm_cloud4.6.6cpe:2.3:a:ibm:ibm_speech_to_text_for_ibm_cloud:4.6.6:*:*:*:*:*:*:*

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.021

Percentile

89.3%