Security Bulletin: IBM Security Verify Information Queue uses a Google gRPC framework with multiple vulnerabilities (CVE-2017-7860, CVE-2017-7861, CVE-2017-9431)

Published: 2022-07-20 19:27:52
Source: www.ibm.com
Tags: ibm security verify, information queue, google grpc, framework, vulnerabilities, denial of service, buffer overflow, cve-2017-7860, cve-2017-7861, cve-2017-9431, isiq, update, starter kit

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.006

Percentile

79.2%

Summary

The connect image in IBM Security Verify Information Queue (ISIQ) v10.0.2 uses an older version of the Google RPC (gRPC) framework that is vulnerable to denial of service and buffer overflow attacks. ISIQ v10.0.3 upgraded its connect image to include a newer gRPC level that remediates the vulnerabilities. (CVE-2017-7860, CVE-2017-7861, CVE-2017-9431)

Vulnerability Details

CVEID: CVE-2017-7860
**DESCRIPTION:** Google gRPC is vulnerable to a denial of service, caused by a heap-based buffer overflow in the parse_unix function in core/ext/client_channel/parse_address.c. An attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/124650 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-7861
**DESCRIPTION:** Google gRPC is vulnerable to a denial of service, caused by an out-of-bounds write in the gpr_free function in core/lib/support/alloc.c. An attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/124651 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-9431
**DESCRIPTION:** Google gRPC is vulnerable to a heap-based buffer overflow, caused by an out-of-bounds write in core/lib/iomgr/error.c. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/127196 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

| Affected Product(s) | Version(s) |
|---|---|
| IBM Security Verify Information Queue | 10.0.2 |

Remediation/Fixes

IBM encourages customers to update their systems promptly.

Download and install the latest ISIQ images, tagged at 10.0.3 or greater, from the ISIQ Starter Kit page at <https://www.ibm.com/support/pages/ibm-security-information-queue-starter-kit>
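Because the fix is delivered as a container image tag rather than a package version, the practical check is whether every ISIQ image in use carries a tag of 10.0.3 or greater. The script below is an added example, not IBM's code: it parses image references the way a container runtime does (the tag is whatever follows the last colon in the final path component, so a registry port is not mistaken for a tag), compares versions numerically so that 10.0.10 is not misjudged as older than 10.0.3, and treats non-version tags such as `latest` as unverifiable rather than silently passing them. The repository names and the inventory are constructed for illustration and are not real `docker images` output.

```python
"""Flag ISIQ container images below the fixed level named in the bulletin.

Added example, not IBM code. The bulletin states the fix is in ISIQ images
tagged 10.0.3 or greater; the repository names below are made up for
illustration, and SAMPLE_INVENTORY is constructed, not real runtime output.
"""
import re

FIXED_VERSION = (10, 0, 3)  # from the bulletin's Remediation/Fixes section
_TAG_RE = re.compile(r"^\d+(\.\d+)*$")


def split_image_ref(ref: str):
    """Return (repository, tag). Only the final path component is searched
    for ':' so a registry port (host:5000/...) is not taken for a tag; a
    reference without a tag means 'latest', as container runtimes assume."""
    repo_path, _, last = ref.rpartition("/")
    if ":" in last:
        name, tag = last.rsplit(":", 1)
    else:
        name, tag = last, "latest"
    repo = f"{repo_path}/{name}" if repo_path else name
    return repo, tag


def parse_version(tag: str):
    """Dotted numeric tag -> tuple of ints, or None if it is not a version.
    Tuple comparison orders 10.0.10 after 10.0.3; a string compare would not."""
    if not _TAG_RE.match(tag):
        return None
    return tuple(int(p) for p in tag.split("."))


def is_vulnerable(ref: str) -> bool:
    """True if the tag is below FIXED_VERSION, or if the tag is not a version
    at all (e.g. 'latest'): an unverifiable tag is reported, not passed."""
    _, tag = split_image_ref(ref)
    version = parse_version(tag)
    if version is None:
        return True
    # pad short tags so 10.0 compares as 10.0.0
    padded = version + (0,) * (len(FIXED_VERSION) - len(version))
    return padded < FIXED_VERSION


def triage(inventory: str):
    """Sort a newline-separated image list into (vulnerable, ok) lists,
    preserving input order and skipping blank lines."""
    vulnerable, ok = [], []
    for line in inventory.splitlines():
        ref = line.strip()
        if not ref:
            continue
        (vulnerable if is_vulnerable(ref) else ok).append(ref)
    return vulnerable, ok


# Constructed sample, shaped like `docker images --format '{{.Repository}}:{{.Tag}}'`.
SAMPLE_INVENTORY = """
example.com/isiq/connect:10.0.2
example.com/isiq/connect:10.0.3
example.com/isiq/connect:10.0.10
example.com:5000/isiq/connect
example.com/isiq/connect:latest
"""

if __name__ == "__main__":
    vuln, ok = triage(SAMPLE_INVENTORY)
    for ref in vuln:
        print("UPDATE  ", ref)
    for ref in ok:
        print("ok      ", ref)
```

Feed it the output of your own image listing in place of the constructed sample; anything reported as UPDATE is either a pre-10.0.3 tag or a tag that cannot be verified from its name alone and should be resolved to a concrete version before it is trusted.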

Workarounds and Mitigations

None

Affected configurations

| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | security_verify_information_queue | 10.0.2 | cpe:2.3:a:ibm:security_verify_information_queue:10.0.2:*:*:*:*:*:*:* |
