Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM5EBDDE4F23BDE648A3D8ACD5EF59DF70B5EA28E4307897A3AD81A01D099D7AEA
HistoryJan 12, 2023 - 5:19 p.m.

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

2023-01-1217:19:56
www.ibm.com
20

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.4%

JSON

Summary

IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security (CP4S).

Vulnerability Details

CVEID:CVE-2021-3918
**DESCRIPTION:**Json-schema could allow a remote attacker to execute arbitrary code on the system, caused by an improperly controlled modification of object prototype attributes. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/213750 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-1747
**DESCRIPTION:**PyYAML could allow a remote attacker to execute arbitrary code on the system, caused by an error when processing untrusted YAML files through the full_load method or with the FullLoader loader. By abusing the python/object/new constructor, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/178416 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-13091
**DESCRIPTION:**pandas could allow a remote attacker to execute arbitrary commands on the system, caused by an unsafe deserialization in the read_pickle function. By sending a s__reduce__ makes an os.system call, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/182005 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-1996
**DESCRIPTION:**go-restful could allow a remote attacker to bypass security restrictions, caused by improper regular expression implementation in the CORS Filter feature. By sending a specially-crafted request using the AllowedDomains parameter, an attacker could exploit this vulnerability to break CORS policy and allow any page to make requests.
CVSS Base score: 9.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/228317 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N)

CVEID:CVE-2022-21235
**DESCRIPTION:**VCS could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input. By using a specially-crafted argument, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVSS Base score: 8.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/223480 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2021-42740
**DESCRIPTION:**Node.js shell-quote module could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw with windows drive letter regex. By sending a specially-crafted shell metacharacters, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/211858 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-26892
**DESCRIPTION:**NATS server and NATS JWT could allow a remote attacker to bypass security restrictions, caused by improper credential expiration handling in the JWT library. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to bypass access restrictions to create and sign a User JWT with a state not created by the normal tooling.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/191005 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID:CVE-2021-29469
**DESCRIPTION:**Node Redis redis module for Node.js is vulnerable to a denial of service, caused by a regular expression denial of service flaw in monitor mode. By sending specially-crafted regex input, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/200618 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
Cloud Pak for Security (CP4S) 1.10.0.0 - 1.10.6.0

Remediation/Fixes

IBM encourages customers to update their systems promptly.

Please upgrade to at least CP4S 1.10.7.0 following these instructions: <https://www.ibm.com/docs/en/cloud-paks/cp-security/1.10?topic=installing-upgrading-cloud-pak-security&gt;

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm cloud pak for securityeq10

Related

prion 9
osv 25
ubuntucve 8
debiancve 8
cve 9
ibm 15
github 9
redhatcve 5
redhat 6
veracode 7
gitlab 1
nessus 51
openvas 5
mageia 3
debian 1
suse 10
fedora 8
freebsd 2
altlinux 1
cbl_mariner 1
ubuntu 1
alpinelinux 3
nodejs 1
huntr 2
cnvd 1
cgr 1
gentoo 1
attackerkb 1
rocky 2
almalinux 1
githubexploit 1
prion
prion
Design/Logic Flaw
2020-05-15 19:15:00
Command injection
2021-10-21 15:15:00
Command injection
2022-04-01 16:15:00
osv
osv
PYSEC-2020-73
2020-05-15 19:15:00
Incorrect handling of credential expiry by /nats-io/nats-server
2022-02-11 23:42:20
Command Injection Vulnerability with Mercurial in VCS
2022-04-01 14:05:33
ubuntucve
ubuntucve
CVE-2020-13091
2020-05-15 00:00:00
CVE-2020-26892
2020-11-06 00:00:00
CVE-2021-42740
2021-10-21 00:00:00
debiancve
debiancve
CVE-2020-13091
2020-05-15 19:15:00
CVE-2021-42740
2021-10-21 15:15:00
CVE-2020-26892
2020-11-06 08:15:00
cve
cve
CVE-2020-13091
2020-05-15 19:15:00
CVE-2021-42740
2021-10-21 15:15:00
CVE-2020-26892
2020-11-06 08:15:00
ibm
ibm
Security Bulletin: A security vulnerability in Node.js shell-quote affects IBM Cloud Pak for Multicloud Management Managed Services [CVE-2021-42740]
2022-12-22 09:27:42
Security Bulletin: IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below.
2023-05-31 05:42:47
Security Bulletin: Vulnerability in Json-schema library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2021-3918)
2022-07-14 02:18:15
github
github
Incorrect handling of credential expiry by /nats-io/nats-server
2021-05-21 16:11:49
Improper Neutralization of Special Elements used in a Command in Shell-quote
2022-05-24 19:18:27
Incorrect handling of credential expiry by /nats-io/nats-server
2022-02-11 23:42:20
redhatcve
redhatcve
CVE-2022-21235
2023-06-15 14:14:40
CVE-2020-1747
2020-03-02 09:41:10
CVE-2021-3918
2021-11-18 18:01:43
redhat
redhat
(RHSA-2023:4582) Moderate: Release of containers for Red Hat OpenStack Platform 17.1 director Operator
2023-08-16 00:07:42
(RHSA-2023:3229) Important: openshift-gitops-kam security update
2023-05-18 15:47:49
(RHSA-2023:3557) Important: openshift-gitops-kam security update
2023-06-09 15:35:00
veracode
veracode
Command Injection
2021-10-22 03:55:20
Insecure Session Management
2021-05-24 09:24:55
Remote Code Execution
2020-03-03 03:39:05
gitlab
gitlab
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
2022-04-01 00:00:00
nessus
nessus
Fedora 30 : PyYAML (2020-40c35d7b37)
2020-03-30 00:00:00
Debian DLA-3228-1 : node-json-schema - LTS security update
2022-12-07 00:00:00
Photon OS 1.0: Pyyaml PHSA-2020-1.0-0290
2020-04-29 00:00:00
openvas
openvas
Fedora: Security Advisory for PyYAML (FEDORA-2020-e9741a6a15)
2020-03-29 00:00:00
Fedora: Security Advisory for PyYAML (FEDORA-2020-40c35d7b37)
2020-03-29 00:00:00
Fedora: Security Advisory for PyYAML (FEDORA-2020-bdb0bfa928)
2020-03-29 00:00:00
mageia
mageia
Updated python-yaml packages fix security vulnerability
2020-04-03 01:48:49
Updated nodejs-json-schema packages fix security vulnerability
2022-12-14 01:09:19
Updated python-yaml packages fix security vulnerability
2021-03-12 04:25:47
debian
debian
[SECURITY] [DLA 3228-1] node-json-schema security update
2022-12-06 19:15:29
suse
suse
Security update for python-PyYAML (important)
2020-05-11 00:00:00
Security update for python-PyYAML (important)
2020-04-12 00:00:00
Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer (important)
2022-09-22 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: PyYAML-5.3.1-1.fc32
2020-03-29 00:16:56
[SECURITY] Fedora 30 Update: PyYAML-5.3.1-1.fc30
2020-03-27 10:46:20
[SECURITY] Fedora 31 Update: PyYAML-5.3.1-1.fc31
2020-03-27 13:10:48
freebsd
freebsd
py-yaml -- FullLoader (still) exploitable for arbitrary command execution
2020-03-02 00:00:00
PyYAML -- arbitrary code execution
2020-07-22 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package python-module-yaml version 5.4.1-alt0.p9
2021-03-22 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-1747 affecting package PyYAML 5.2-1
2023-11-10 17:45:58
ubuntu
ubuntu
JSON Schema vulnerability
2023-05-24 00:00:00
alpinelinux
alpinelinux
CVE-2020-1747
2020-03-24 15:15:00
CVE-2022-1996
2022-06-08 13:15:00
CVE-2020-14343
2021-02-09 21:15:00
nodejs
nodejs
Regular Expression Denial of Service
2021-05-04 03:47:22
huntr
huntr
Prototype Pollution in kriszyp/json-schema
2021-10-03 13:08:43
Authorization Bypass Through User-Controlled Key
2022-03-07 13:57:33
cnvd
cnvd
json-schema has an unspecified vulnerability
2021-11-16 00:00:00
cgr
cgr
CVE-2022-1996 vulnerabilities
2024-04-19 03:23:19
gentoo
gentoo
PyYAML: Arbitrary Code Execution
2024-02-26 00:00:00
attackerkb
attackerkb
CVE-2020-14343
2021-02-09 00:00:00
rocky
rocky
python38:3.8 and python38-devel:3.8 security update
2021-06-29 13:57:32
python38:3.8 security, bug fix, and enhancement update
2020-11-03 12:23:02
almalinux
almalinux
Moderate: python38:3.8 and python38-devel:3.8 security update
2021-06-29 13:57:32
githubexploit
githubexploit
Exploit for Improper Input Validation in Pyyaml
2021-06-27 06:56:15

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.4%

JSON
Related for 5EBDDE4F23BDE648A3D8ACD5EF59DF70B5EA28E4307897A3AD81A01D099D7AEA
prion9osv25ubuntucve8debiancve8cve9ibm15github9redhatcve5redhat6veracode7gitlab1nessus51openvas5mageia3debian1suse10fedora8freebsd2altlinux1cbl_mariner1ubuntu1alpinelinux3nodejs1huntr2cnvd1cgr1gentoo1attackerkb1rocky2almalinux1githubexploit1