Lucene search

K
ibmIBM54D3CCD917A9AA7FAE4F9AD286D62CAAC9751450E10BC04DB40E60612807DAAA
HistoryMay 06, 2024 - 10:05 p.m.

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to multiple vulnerabilities due to the use of IBM Db2

2024-05-0622:05:39
www.ibm.com
3
ibm virtualization engine
ts7700
ibm db2
vulnerabilities
buffer overflow
remote code execution
denial of service

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.5%

Summary

IBM Virtualization Engine TS7700 is susceptible to the vulnerabilities listed below due to the embedded use of IBM Db2. IBM Db2 is used in TS7700 to store metadata about the data it manages. CVE-2023-30431, CVE-2023-29257, CVE-2023-26021, CVE-2023-25930, CVE-2023-27559, CVE-2023-40692.

Vulnerability Details

CVEID:CVE-2023-30431
**DESCRIPTION:**IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 db2set is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow the buffer and execute arbitrary code. IBM X-Force ID: 252184.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/252184 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2023-29257
**DESCRIPTION:**IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to remote code execution as a database administrator of one database may execute code or read/write files from another database within the same instance. IBM X-Force ID: 252011.
CVSS Base score: 7.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/252011 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2023-26021
**DESCRIPTION:**IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause. IBM X-Force ID: 247864.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/247864 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-25930
**DESCRIPTION:**IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/247862 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-27559
**DESCRIPTION:**IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/249196 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-40692
**DESCRIPTION:**IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, 11.5 is vulnerable to denial of service under extreme stress conditions. IBM X-Force ID: 264807.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/264807 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM System Storage Virtualization Engine TS7700 3957-VED
IBM System Storage Virtualization Engine TS7700 3948-VED

All versions of microcode for the IBM Virtualization Engine TS7700 (3957-VED, and 3948-VED) prior to and including the following are affected:

Machine Type Model Release Version
3957 VED R5.3 8.53.1.21
R5.4 8.54.0.68
3948 VED R5.3 8.53.1.21
R5.4 8.54.0.68

Note: End of Development (EoD) support was announced for 3957-VEC, effective 31 December 2023, after which time no more code fixes will be provided. Please see <https://www.ibm.com/docs/en/announcements/2023-hardware-maintenance-services-withdrawal&gt; for more information.

Remediation/Fixes

IBM strongly recommends addressing the vulnerability now by visiting <https://tape.ibmrcl.enterpriseappointments.com/v2/&gt; or contacting IBM Service at 1-800-IBM-SERV to arrange an upgrade to the latest microcode version. Minimum microcode versions are shown below:

Machine Type Model Release Fix
3957 VED R5.3 Upgrade to 8.54.1.27
R5.4 Upgrade to 8.54.1.27
3948 VED R5.3 Upgrade to 8.54.1.27
R5.4 Upgrade to 8.54.1.27

Workarounds and Mitigations

Although IBM recommends that you upgrade to the fixes identified above, you can mitigate, but not eliminate the risk of these vulnerabilities by restricting physical and network access to the TS7700 to authorized users and IBM Service Personnel only.

Affected configurations

Vulners
Node
ibmvirtualization_engine_ts7770_3957-vedMatch3948
OR
ibm3957-vecMatch2023
OR
ibmsystem_storage_virtualization_engine_ts7700Match3957
OR
ibmsystem_storage_virtualization_engine_ts7700Match3948

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.5%

Related for 54D3CCD917A9AA7FAE4F9AD286D62CAAC9751450E10BC04DB40E60612807DAAA