Lucene search

IBM6D699798B8F39EB564F15CD514E32D99A517EA613E67CA04D4406F00EDF11A1B

HistorySep 15, 2023 - 1:29 p.m.

Security Bulletin: Vulnerabilities in cURL libcurl might affect IBM Spectrum Copy Data Management

2023-09-1513:29:27

www.ibm.com

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.7%

JSON

Summary

IBM Spectrum Copy Data Management can be affected by vulnerabilities in cURL libcurl. Vulnerabilities include exploiting the vulnerabilities to reuse a previously created connection even when the GSS delegation, to pass on user name and “telnet options” for the server negotiation, to cause a denial of service condition, to obtain sensitive information from other directory and use this information to launch further attacks against the affected system, to reuse a previously created connection even when an SSH related option had been changed, and to reuse a previously created FTP connection, as described by the CVEs in the “Vulnerability Details” section. The vulnerabilities have been addressed.

Vulnerability Details

CVEID:CVE-2023-27536
**DESCRIPTION:**cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a GSS delegation too eager connection re-use flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to reuse a previously created connection even when the GSS delegation.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/250531 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2023-27533
**DESCRIPTION:**cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a TELNET option IAC injection flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to pass on user name and “telnet options” for the server negotiation.
CVSS Base score: 8.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/250476 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N)

CVEID:CVE-2023-27537
**DESCRIPTION:**cURL libcurl is vulnerable to a denial of service, caused by a double free or use-after-free flaw when sharing HSTS data between separate “handles”. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/250532 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-27534
**DESCRIPTION:**cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a SFTP path ~ resolving discrepancy flaw. By sending a specially crafted request using a tilde (~) character, an attacker could exploit this vulnerability to obtain sensitive information from other directory, and use this information to launch further attacks against the affected system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/250529 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2023-27538
**DESCRIPTION:**cURL libcurl could allow a local attacker to bypass security restrictions, caused by a SSH connection too eager reuse still flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to reuse a previously created connection even when an SSH related option had been changed.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/250533 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVEID:CVE-2023-27535
**DESCRIPTION:**cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a FTP too eager connection reuse flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to reuse a previously created FTP connection.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/250530 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Spectrum Copy Data Management	2.2.0.0 - 2.2.20.1

Remediation/Fixes

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm spectrum copy data managementeq2.2

CPE	Name	Operator	Version
	ibm spectrum copy data management	eq	2.2

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

59.7%

JSON

Related for 6D699798B8F39EB564F15CD514E32D99A517EA613E67CA04D4406F00EDF11A1B