IBM4F8CB2963CA2F18BC5DA4EE164FA8F536D2CAF3121C1AF56CDB4E4836711C1B1Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.17 and earlier
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
Confidence
High
Summary
This fix upgrades to Websphere Liberty 24.0.0.6, socket.io 3.0.2, and grpc-js 1.8.22. Websphere Liberty is used by the IBM Answer Retrieval for Watson Discovery swagger microservice. Socket.io and grpc-js are used by the IBM Answer Retrieval for Watson Discovery user interfaces for communication with the backend microservcices. There are two categories of vulnerabilities addressed. The first allows remote attackers to gain access to the system, bypassing security restrictions. The second makes the system vulnerable to denial of service attacks. This bulletin identifies the steps to take to address the vulnerabilities.
Vulnerability Details
CVEID:CVE-2024-38355
**DESCRIPTION:**Socket.IO is vulnerable to a denial of service. By sending a specially crafted Socket.IO packet, a remote attacker could exploit this vulnerability to trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process.
CVSS Base score: 7.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/295220 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID:CVE-2024-22354
**DESCRIPTION:**IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.5 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information, consume memory resources, or to conduct a server-side request forgery attack. IBM X-Force ID: 280401.
CVSS Base score: 7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/280401 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L)
CVEID:CVE-2024-37168
**DESCRIPTION:**gRPC on Node.js is vulnerable to a denial of service, caused by a flaw with memory allocation with excessive size value. By sending specially crafted messages, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/294632 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| ICP - IBM Answer Retrieval for Watson Discovery | All |
| ICP - IBM Answer Retrieval for Watson Discovery | All |
| ICP - IBM Answer Retrieval for Watson Discovery | All |
Remediation/Fixes
| Product(s) | **Version(s) number and/or range ** | Remediation/Fix/Instructions |
|---|---|---|
| IBM Answer Retrieval for Watson Discovery | < 2.18.0 | Download and install v2.18.0 |
| Follow instructions in the downloaded package. |
Workarounds and Mitigations
N/A
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | answer_retrieval_for_watson_discovery_on_prem | 2.7.0 | cpe:2.3:a:ibm:answer_retrieval_for_watson_discovery_on_prem:2.7.0:*:*:*:*:*:*:* |
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
Confidence
High