IBM99FF29A09D0BE890AC564DB3DCDD94AB865214B4608F992E9C022C86A3C17076Security Bulletin: Vulnerability in Node.js- CVE-2021-22959, CVE-2021-22960 may affect IBM Watson Assistant for IBM Cloud Pak for Data.
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
64.8%
Summary
Potential vulnerabilities in Node.js CVE-2021-22959, CVE-2021-22960 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information.
Vulnerability Details
CVEID:CVE-2021-22959
**DESCRIPTION:**Node.js is vulnerable to HTTP request smuggling, caused by an error related to a space in headers. A remote attacker could send a specially-crafted request with a space (SP) right after the header name before the colon to lead to HTTP Request Smuggling (HRS). An attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/211168 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVEID:CVE-2021-22960
**DESCRIPTION:**Node.js is vulnerable to HTTP request smuggling, caused by an error when parsing the body of chunked requests. A remote attacker could send a specially-crafted request to lead to HTTP Request Smuggling (HRS). An attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/211171 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Watson Assistant for Cloud Pak for Data | 1.5.0, 4.0.0. 4.0.2, 4.0.4, 4.0.5 |
Remediation/Fixes
For all affected versions, IBM strongly recommends addressing the vulnerability now by upgrading to the upcoming latest (v4.0.6) release of IBM Watson Assistant for IBM Cloud Pak for Data which maintains backward compatibility with the versions listed above.
| Product Latest Version | Remediation/Fix/Instructions |
|---|---|
| IBM Watson Assistant for IBM Cloud Pak for Data 4.0.6 |
Follow instructions for Installing Watson Assistant in Link to Release (v4.0.6 release information)
<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.0?topic=assistant-installing-watson>
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| watson developer cloud | eq | 4.0.6 |
Related
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
64.8%