Lucene search

K
ibmIBM585635C4B29EFD8109EACC1CAC30FA91D87728E3C6901D4AF4AFBDD6028F769D
HistoryDec 16, 2022 - 5:01 p.m.

Security Bulletin: Vulnerabilities in PHP may affect IBM Spectrum Sentinel Anomaly Scan Engine (CVE-2021-21703, CVE-2021-21708, CVE-2021-21707, CVE-2022-31629, CVE-2022-31628)

2022-12-1617:01:05
www.ibm.com
29
vulnerabilities
php
ibm spectrum sentinel anomaly scan engine
remote code execution
sensitive information leakage
elevated privileges
cross-site request forgery
denial of service

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.006 Low

EPSS

Percentile

79.3%

Summary

Vulnerabilities in PHP may affect IBM Spectrum Sentinel Anomaly Scan Engine. Vulnerabilities include: PHP allowing remote attacker to execute arbitrary code, obtain sensitive information, local authenticated attacker gain elevated privileges on the system, cross-site request forgery and denial of service.

Vulnerability Details

CVEID:CVE-2022-31628
**DESCRIPTION:**PHP is vulnerable to a denial of service, caused by a flaw in the phar uncompressor code. By using a specially-crafted gzip file, a local authenticated attacker could exploit this vulnerability to cause an infinite loop, and results in a denial of service condition.
CVSS Base score: 2.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/237533 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2022-31629
**DESCRIPTION:**PHP is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to set a standard insecure cookie in the browser. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
CVSS Base score: 5.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/237534 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)

CVEID:CVE-2021-21708
**DESCRIPTION:**PHP could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause the application to crash.
CVSS Base score: 8.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/221046 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L)

CVEID:CVE-2021-21703
**DESCRIPTION:**PHP could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw when running PHP FPM SAPI with the main FPM daemon process running as root. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges as root.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/212017 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)

CVEID:CVE-2021-21707
**DESCRIPTION:**PHP could allow a remote attacker to obtain sensitive information, caused by a weakly configured XML parser. By using a specially-crafted filename containing URL-encoded NUL character, an attacker could exploit this vulnerability to read a different file than intended, and use this information to launch further attacks against the affected system.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/214167 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Spectrum Sentinel Anomaly Scan Engine 1.1.0-1.1.1

Remediation/Fixes

IBM Spectrum Sentinel Anomaly Scan Engine |

Fixing Level

|

Platform

|

Link to Fix and Instructions

—|—|—|—

1.1.0-1.1.1

|

1.1.2

|

Linux

|

<https://www.ibm.com/support/pages/node/6841595&gt;

Please refer to IBM Spectrum Copy Data Management security bulletins for the Spectrum Copy Data Management vulnerabilities.

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmspectrum_scaleMatch1.1
CPENameOperatorVersion
ibm spectrum sentineleq1.1

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.006 Low

EPSS

Percentile

79.3%