IBMBCFE59AECDDB67845A4B618BFD6E41A20C550D57DD097AC67063BDCE4F60B5F5Security Bulletin: Multiple security vulnerabilities found in open source code that is shipped with IBM Security Verify Access
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
0.009 Low
EPSS
Percentile
82.2%
Summary
Source code scanning has found several open source vulnerabilites in the IBM Security Verify Access product. Verify Access has updated the packages as required.
Vulnerability Details
CVEID:CVE-2018-20574
**DESCRIPTION:**yaml-cpp is vulnerable to a denial of service, caused by an error in the SingleDocParser::HandleFlowMap function. By persuading a victim to open a specially-crafted YAML file, a remote attacker could exploit this vulnerability to consume all available stack resources and crash.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/154878 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID:CVE-2019-6285
**DESCRIPTION:**yaml-cpp is vulnerable to a denial of service, caused by a stack consumption in SingleDocParser::HandleFlowSequence function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/155595 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID:CVE-2018-20573
**DESCRIPTION:**yaml-cpp is vulnerable to a denial of service, caused by an error in the Scanner::EnsureTokensInQueue function. By persuading a victim to open a specially-crafted YAML file, a remote attacker could exploit this vulnerability to consume all available stack resources and crash.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/154877 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID:CVE-2017-11692
**DESCRIPTION:**yaml-cpp is vulnerable to a denial of service, caused by an error in the Token& Scanner::peek function in scanner.cpp. By sending a β!2β string, a remote attacker could exploit this vulnerability to cause an assertion failurre.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/129747 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2010-4021
**DESCRIPTION:**MIT Kerberos could allow a remote authenticated attacker to bypass security restrictions, caused by the issuance of tickets not requested by a client by KDC due to KrbFastArmoredReq. An attacker could exploit this vulnerability to impersonate clients.
CVSS Base score: 2.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/63593 for the current score.
CVSS Vector: (AV:N/AC:H/Au:S/C:N/I:P/A:N)
CVEID:CVE-2010-1324
**DESCRIPTION:**MIT Kerberos could allow a remote attacker to bypass security restrictions, caused by the incorrect acceptance of RFC 3961 key-derivation checksums using RC4 keys when verifying the req-checksum in a KrbFastArmoredReq by KDC. An attacker could exploit this vulnerability to launch further attacks on the system.
CVSS Base score: 7.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/63589 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:C/A:N)
CVEID:CVE-2010-4020
**DESCRIPTION:**MIT Kerberos could allow a remote authenticated attacker to bypass security restrictions, caused by the incorrect acceptance of RFC 3961 key-derivation checksums using RC4 keys when verifying AD-SIGNEDPATH and AD-KDC-ISSUED authorization data by krb5 clients. An attacker could exploit this vulnerability to forge the AD-SIGNEDPATH signature.
CVSS Base score: 3.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/63592 for the current score.
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:P/A:N)
CVEID:CVE-2010-1323
**DESCRIPTION:**MIT Kerberos could allow a remote attacker to bypass security restrictions, caused by the incorrect acceptance of unkeyed checksums in the SAM-2 preauthentication challenge by krb5 clients. An attacker could exploit this vulnerability to affect the prompt text or modify the response sent to the KDC.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/63590 for the current score.
CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:C/A:N)
CVEID:CVE-2018-5730
**DESCRIPTION:**MIT krb5 could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the LDAP Kerberos database. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass DN container check.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/139970 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)
CVEID:CVE-2018-20217
**DESCRIPTION:**MIT Kerberos 5 is vulnerable to a denial of service, caused by an reachable assertion flaw in the KDC. By sending a specially-crafted S4U2Self request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/154827 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2020-28196
**DESCRIPTION:**MIT Kerberos 5 (aka krb5) is vulnerable to a denial of service, caused by an unbounded recursion flaw in lib/krb5/asn.1/asn1_encode.c. By sending a specially-crafted ASN.1-encoded Kerberos message, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/191321 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**IBM X-Force ID:**217968
**DESCRIPTION:**FasterXML jackson-databind is vulnerable to a denial of service, caused by an error when using JDK serialization to serialize and deserialize JsonNode values. By sending a specially crafted request, an attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/217968 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Security Verify Access | 10.0.0 |
| IBM Security Verify Access Docker | 10.0.0 |
Remediation/Fixes
IBM encourages customers to update their systems promptly.
For the ISAM/ISVA appliances
Affected Products and Versions
|
Fix availability
β|β
IBM Security Verify Access 10.0.0.0
|
IBM Security Verify Access (Container)
For Version 10.0.0.0
- Obtain the latest version of the container by running the following command βdocker pull ibmcom/verify-access:[tag]β
Where [tag] is the latest published version and can be confirmed here
Workarounds and Mitigations
None
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
0.009 Low
EPSS
Percentile
82.2%