Lucene search

IBM498E2081FAAB74FA2D5794E3600C3CC1C438E5F69E8184FF74F3884129D2C1A1

HistoryJan 31, 2024 - 1:45 p.m.

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to multiple Node.js vulnerabilities

2024-01-3113:45:05

www.ibm.com

ibm watson assistant

ibm cloud pak for data

node.js

vulnerabilities

security restrictions

remote attacker

7.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

38.6%

JSON

Summary

Multiple Node.js vulnerabilitiies have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Refer to details for additional information.

Vulnerability Details

CVEID:CVE-2023-32005
**DESCRIPTION:*Node.js could allow a remote attacker to obtain sensitive information, caused by the failure to restrict file stats through the fs.statfs API in the permission model. By using the --allow-fs-read flag with a non- argument, an attacker could exploit this vulnerability to retrieve stats from files that they do not have explicit read access to.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262903 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:CVE-2023-32006
**DESCRIPTION:**Node.js could allow a remote attacker to bypass security restrictions, caused by the use of module.constructor.createRequire(). By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the permission policy mechanism.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262901 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2023-32003
**DESCRIPTION:**Node.js could allow a remote attacker to bypass security restrictions, caused by a missing getValidatedPath() check in the fs.mkdtemp() and fs.mkdtempSync() APIs. By using a path traversal attack, an attacker could exploit this vulnerability to bypass the permission model check and create an arbitrary directory.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262904 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2023-32558
**DESCRIPTION:**Node.js could allow a remote attacker to bypass security restrictions, caused by the use of the deprecated API process.binding(). By using a path traversal sequence, an attacker could exploit this vulnerability to bypass the permission model.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262900 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID:CVE-2023-32559
**DESCRIPTION:**Node.js could allow a remote attacker to bypass security restrictions, caused by the use of the deprecated API process.binding(). By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the permission policy mechanism.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262902 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2023-32002
**DESCRIPTION:**Node.js could allow a remote attacker to bypass security restrictions, caused by the use of Module._load(). By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the permission policy mechanism.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262896 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID:CVE-2023-32004
**DESCRIPTION:**Node.js could allow a remote attacker to bypass security restrictions, caused by the improper handling of Buffers in file system APIs within the experimental permission model. By specifying a path traversal sequence in a Buffer, an attacker could exploit this vulnerability to cause a path traversal bypass when verifying file permissions.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262899 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

Affected Products and Versions

Affected Product(s)	Affected Version(s)
IBM Watson Assistant For IBM Cloud Pak for Data	All Versions Before V4.7.4

Remediation/Fixes

Remediation/Fixes:

For all affected versions, IBM strongly recommends addressing the vulnerability now by upgrading to the latest (v4.7.4 or later releases) release of IBM Watson Assistant for IBM Cloud Pak for Data which maintains backward compatibility with the versions listed above.

Product Latest Version	Remediation/Fix/Instructions
IBM Watson Assistant for IBM Cloud Pak for Data 4.7.4

Follow instructions for Installing Watson Assistant in Link to Release (v4.7.4 release information)

<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.7.x>

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm watson assistant for ibm cloud pak for dataeqany

CPE	Name	Operator	Version
	ibm watson assistant for ibm cloud pak for data	eq	any