Lucene search

K
ibmIBM498E2081FAAB74FA2D5794E3600C3CC1C438E5F69E8184FF74F3884129D2C1A1
HistoryJan 31, 2024 - 1:45 p.m.

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to multiple Node.js vulnerabilities

2024-01-3113:45:05
www.ibm.com
15
ibm watson assistant
ibm cloud pak for data
node.js
vulnerabilities
security restrictions
remote attacker

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

0.001

Percentile

39.4%

Summary

Multiple Node.js vulnerabilitiies have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Refer to details for additional information.

Vulnerability Details

CVEID:CVE-2023-32005
**DESCRIPTION:*Node.js could allow a remote attacker to obtain sensitive information, caused by the failure to restrict file stats through the fs.statfs API in the permission model. By using the --allow-fs-read flag with a non- argument, an attacker could exploit this vulnerability to retrieve stats from files that they do not have explicit read access to.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262903 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:CVE-2023-32006
**DESCRIPTION:**Node.js could allow a remote attacker to bypass security restrictions, caused by the use of module.constructor.createRequire(). By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the permission policy mechanism.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262901 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2023-32003
**DESCRIPTION:**Node.js could allow a remote attacker to bypass security restrictions, caused by a missing getValidatedPath() check in the fs.mkdtemp() and fs.mkdtempSync() APIs. By using a path traversal attack, an attacker could exploit this vulnerability to bypass the permission model check and create an arbitrary directory.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262904 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2023-32558
**DESCRIPTION:**Node.js could allow a remote attacker to bypass security restrictions, caused by the use of the deprecated API process.binding(). By using a path traversal sequence, an attacker could exploit this vulnerability to bypass the permission model.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262900 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID:CVE-2023-32559
**DESCRIPTION:**Node.js could allow a remote attacker to bypass security restrictions, caused by the use of the deprecated API process.binding(). By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the permission policy mechanism.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262902 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2023-32002
**DESCRIPTION:**Node.js could allow a remote attacker to bypass security restrictions, caused by the use of Module._load(). By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the permission policy mechanism.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262896 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID:CVE-2023-32004
**DESCRIPTION:**Node.js could allow a remote attacker to bypass security restrictions, caused by the improper handling of Buffers in file system APIs within the experimental permission model. By specifying a path traversal sequence in a Buffer, an attacker could exploit this vulnerability to cause a path traversal bypass when verifying file permissions.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262899 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

Affected Products and Versions

Affected Product(s) Affected Version(s)
IBM Watson Assistant For IBM Cloud Pak for Data All Versions Before V4.7.4

Remediation/Fixes

Remediation/Fixes:

For all affected versions, IBM strongly recommends addressing the vulnerability now by upgrading to the latest (v4.7.4 or later releases) release of IBM Watson Assistant for IBM Cloud Pak for Data which maintains backward compatibility with the versions listed above.

Product Latest Version Remediation/Fix/Instructions
IBM Watson Assistant for IBM Cloud Pak for Data 4.7.4

Follow instructions for Installing Watson Assistant in Link to Release (v4.7.4 release information)

<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.7.x&gt;

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmwatson_assistant_for_ibm_cloud_pak_for_dataMatchany

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

0.001

Percentile

39.4%