IBMB1AD691C5C28040FC5857C03E535DE139F44375AA8B51D6B53433AE02A653E5BSecurity Bulletin: IBM Security Verify Governance is vulnerable to multiple issues (CVE-2021-31403, CVE-2020-36320, CVE-2019-25028)
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
53.9%
Summary
IBM Security Verify Governance is vulnerable to several issues due to vulnerabilities in Vaadin JAR, which ISV Governance uses as a web app framework. The fix involves upgrading the Vaadin JAR to the patched version.
Vulnerability Details
CVEID:CVE-2021-31403
**DESCRIPTION:**Vaadin could allow a local attacker to obtain sensitive information, caused by using Non-constant-time comparison of CSRF tokens in UIDL request handler in com.vaadin:vaadin-server. By using a timing attack, an attacker could exploit this vulnerability to guess a security token for Fusion endpoints and then use this information to launch further attacks against the affected system.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/200632 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
CVEID:CVE-2020-36320
**DESCRIPTION:**Vaadin is vulnerable to a denial of service, caused by an unsafe validation of RegEx in EmailValidator class in com.vaadin:vaadin-server. By submitting specially-crafted email addresses, a remote attacker could exploit this vulnerability to cause an uncontrolled resource consumption.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/200612 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2019-25028
**DESCRIPTION:**Vaadin is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Grid component in com.vaadin:vaadin-server. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/200610 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Security Verify Governance | 10.0 |
Remediation/Fixes
IBM encourages customers to upgrade their systems promptly.
Affected Product(s)
|
Version(s)
|
First Fix
—|—|—
IBM Security Verify Governance
|
10.0.1
|
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm security verify governance | eq | 10.0 |
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
53.9%