CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
15.5%
This fix upgrades to Node.js 18.20.3 and Websphere Liberty 24.0.0.5. Node.js is used by all IBM Answer Retrieval for Watson Discovery user interfaces. Websphere Liberty is used by the IBM Answer Retrieval for Watson Discovery swagger microservice. There are two categories of vulnerabilities addressed. The first allows remote attackers to gain access to the system, bypassing security restrictions. The second makes Node.js vulnerable to denial of service attacks. This bulletin identifies the steps to take to address the vulnerabilities.
CVEID:CVE-2024-22329
**DESCRIPTION:**IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker could exploit this vulnerability to conduct the SSRF attack. X-Force ID: 279951.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/279951 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID:CVE-2024-25026
**DESCRIPTION:**IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 are vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 281516.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/281516 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2024-27268
**DESCRIPTION:**IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 284574.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/284574 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2024-29896
**DESCRIPTION:**Node.js npm Astro-Shield module is vulnerable to script injection, caused by an error when automated CSP headers generation for SSR content is enabled and the web application serves content that can be partially controlled by external users. A remote attacker could exploit this vulnerability to “allow-listing” malicious injected resources like inlined JS, or references to external malicious scripts by the CSP headers generation feature.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/286851 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID:CVE-2024-27982
**DESCRIPTION:**Node.js is vulnerable to HTTP request smuggling, caused by the use of content length obfuscation in the http server. By sending specially crafted HTTP request headers, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/286863 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID:CVE-2024-27983
**DESCRIPTION:**Node.js is vulnerable to a denial of service, caused by an assertion failure in node::http2::Http2Session::~Http2Session(). By sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside, an attacker could exploit this vulnerability to cause the HTTP/2 server to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/286865 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2024-27980
**DESCRIPTION:**Node.js could allow a remote attacker to execute arbitrary commands on the system, caused by the improper handling of batch files in child_process.spawn / child_process.spawnSync. By sending a specially crafted command line argument using args parameter, an attacker could exploit this vulnerability to inject and execute arbitrary commands on the system.
CVSS Base score: 7.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/287430 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Affected Product(s) | Version(s) |
---|---|
ICP - IBM Answer Retrieval for Watson Discovery | All |
ICP - IBM Answer Retrieval for Watson Discovery | All |
ICP - IBM Answer Retrieval for Watson Discovery | All |
ICP - IBM Answer Retrieval for Watson Discovery | All |
ICP - IBM Answer Retrieval for Watson Discovery | All |
Product(s) | **Version(s) number and/or range ** | Remediation/Fix/Instructions |
---|---|---|
IBM Answer Retrieval for Watson Discovery | < 2.17.0 | Download and install v2.17.0 |
Follow instructions in the downloaded package. |
N/A
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | answer_retrieval_for_watson_discovery_on_prem | 2.7.0 | cpe:2.3:a:ibm:answer_retrieval_for_watson_discovery_on_prem:2.7.0:*:*:*:*:*:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
15.5%