Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM6006C997910D282CCDD8CE7CA2B67C0CE8A2216EC7313A57586935EE815B6C17
HistorySep 13, 2024 - 6:52 p.m.

Security Bulletin: IBM Security QRadar Offenses Forwarder App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities (CVE-2023-26159, CVE-2022-40023, CVE-2022-25883)

2024-09-1318:52:06
www.ibm.com
7
ibm
qradar
offenses forwarder
vulnerable
known vulnerabilities
update
version 1.2.0
security advisory

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.8

Confidence

High

JSON

Summary

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. The update addresses these issues.

Vulnerability Details

CVEID:CVE-2023-26159
**DESCRIPTION:**follow-redirects could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially crafted URL to redirect a victim to arbitrary Web sites.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/278622 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID:CVE-2022-40023
**DESCRIPTION:**Sqlalchemy mako is vulnerable to a denial of service, caused by a regular expression denial of service when using the Lexer class to parse. By sending a victim to specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/235487 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2022-25883
**DESCRIPTION:**Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the new Range function. By providing specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/258647 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Affected Product(s) Version(s)
Offenses Forwarder 1.0.0 - 1.1.0

Remediation/Fixes

IBM strongly recommends that customers update their systems promptly.

IBM Security QRadar Offenses Forwarder 1.2.0 addresses these issues.

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmqradar_network_securityMatch7.5.0
VendorProductVersionCPE
ibmqradar_network_security7.5.0cpe:2.3:a:ibm:qradar_network_security:7.5.0:*:*:*:*:*:*:*

Related

oraclelinux 5
openvas 11
osv 23
nessus 44
debian 1
amazon 1
redhat 11
veracode 3
mageia 1
cvelist 3
nvd 3
cbl_mariner 6
ibm 54
redos 1
ubuntu 2
debiancve 3
prion 3
redhatcve 3
ubuntucve 3
alpinelinux 1
github 4
almalinux 5
cve 3
cgr 2
wolfi 1
fedora 1
rocky 1
oraclelinux
oraclelinux
python-mako security update
2023-05-24 00:00:00
python-mako security update
2023-05-15 00:00:00
nodejs:18 security, bug fix, and enhancement update
2023-09-28 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5625-1)
2022-09-22 00:00:00
Huawei EulerOS: Security Advisory for python-mako (EulerOS-SA-2023-1514)
2023-03-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3979-1)
2022-11-16 00:00:00
osv
osv
Moderate: python-mako security update
2023-05-16 00:00:00
CVE-2022-40023
2022-09-07 13:15:09
mako is vulnerable to Regular Expression Denial of Service
2022-09-16 17:20:25
nessus
nessus
CBL Mariner 2.0 Security Update: python-mako (CVE-2022-40023)
2023-03-28 00:00:00
Oracle Linux 8 : python-mako (ELSA-2023-2893)
2023-05-24 00:00:00
EulerOS Virtualization 3.0.6.6 : python-mako (EulerOS-SA-2023-2416)
2023-07-26 00:00:00
debian
debian
[SECURITY] [DLA 3116-1] mako security update
2022-09-21 16:05:39
amazon
amazon
Medium: python-mako
2023-07-20 17:29:00
redhat
redhat
(RHSA-2023:2258) Moderate: python-mako security update
2023-05-09 05:05:14
(RHSA-2023:2893) Moderate: python-mako security update
2023-05-16 05:57:29
(RHSA-2023:4341) Moderate: Logging Subsystem 5.7.4 - Red Hat OpenShift bug fix and security update
2023-08-02 13:47:42
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2022-09-08 04:31:41
Regular Expression Denial Of Service (ReDoS)
2023-06-29 11:12:31
Open Redirect
2024-01-03 10:31:20
mageia
mageia
Updated python-mako packages fix security vulnerability
2022-10-01 20:48:24
cvelist
cvelist
CVE-2022-40023
2022-09-07 00:00:00
CVE-2022-25883
2023-06-21 05:00:03
CVE-2023-26159
2024-01-02 05:00:00
nvd
nvd
CVE-2022-40023
2022-09-07 13:15:09
CVE-2023-26159
2024-01-02 05:15:08
CVE-2022-25883
2023-06-21 05:15:09
cbl_mariner
cbl_mariner
CVE-2022-25883 affecting package nodejs for versions less than 16.20.1-2
2023-08-03 02:51:21
CVE-2022-40023 affecting package python-mako for versions less than 1.2.2-1
2022-10-05 23:33:42
CVE-2022-40023 affecting package python-mako 1.0.7-4
2022-10-04 07:51:29
ibm
ibm
Security Bulletin: semver-6.3.0.tgz is vulnerable to CVE-2022-25883 used in IBM Maximo Application Suite - Monitor Component
2023-09-26 18:24:30
Security Bulletin: Vulnerability in node.js package may affect IBM Storage Scale GUI (CVE-2022-25883)
2023-09-21 15:28:31
Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to regular expression denial of service due to [CVE-2022-25883]
2023-12-14 10:33:20
redos
redos
ROS-20230428-02
2023-04-28 00:00:00
ubuntu
ubuntu
Mako vulnerability
2022-11-15 00:00:00
Mako vulnerability
2022-09-21 00:00:00
debiancve
debiancve
CVE-2022-25883
2023-06-21 05:15:09
CVE-2022-40023
2022-09-07 13:15:09
CVE-2023-26159
2024-01-02 05:15:08
prion
prion
Design/Logic Flaw
2022-09-07 13:15:00
Code injection
2023-06-21 05:15:00
Input validation
2024-01-02 05:15:00
redhatcve
redhatcve
CVE-2022-40023
2022-09-22 07:49:05
CVE-2022-25883
2023-07-12 14:35:38
CVE-2023-26159
2024-01-02 07:30:34
ubuntucve
ubuntucve
CVE-2022-40023
2022-09-07 00:00:00
CVE-2022-25883
2023-06-21 00:00:00
CVE-2023-26159
2024-01-02 00:00:00
alpinelinux
alpinelinux
CVE-2022-40023
2022-09-07 13:15:09
github
github
mako is vulnerable to Regular Expression Denial of Service
2022-09-16 17:20:25
Stylelint has vulnerability in semver dependency
2023-07-07 20:32:55
semver vulnerable to Regular Expression Denial of Service
2023-06-21 06:30:28
almalinux
almalinux
Moderate: python-mako security update
2023-05-16 00:00:00
Moderate: python-mako security update
2023-05-09 00:00:00
Important: nodejs:18 security, bug fix, and enhancement update
2023-09-26 00:00:00
cve
cve
CVE-2022-40023
2022-09-07 13:15:09
CVE-2022-25883
2023-06-21 05:15:09
CVE-2023-26159
2024-01-02 05:15:08
cgr
cgr
CVE-2022-25883 vulnerabilities
2024-05-19 03:07:16
CVE-2023-26159 vulnerabilities
2024-05-19 03:07:16
wolfi
wolfi
CVE-2023-26159 vulnerabilities
2024-09-19 09:11:50
fedora
fedora
[SECURITY] Fedora 39 Update: pgadmin4-7.8-3.fc39
2024-01-23 00:58:56
rocky
rocky
nodejs:18 security, bug fix, and enhancement update
2023-10-05 21:35:58

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.8

Confidence

High

JSON
Related for 6006C997910D282CCDD8CE7CA2B67C0CE8A2216EC7313A57586935EE815B6C17
oraclelinux5openvas11osv23nessus44debian1amazon1redhat11veracode3mageia1cvelist3nvd3cbl_mariner6ibm54redos1ubuntu2debiancve3prion3redhatcve3ubuntucve3alpinelinux1github4almalinux5cve3cgr2wolfi1fedora1rocky1