CVSS3: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score: 7.4 High (Confidence: High)
EPSS: 0.001 Low (Percentile: 43.0%)
IBM® Db2® is vulnerable to an information disclosure vulnerability due to the consumed GSKit library.
CVEID: CVE-2023-33850
**DESCRIPTION:** IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 257132.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/257132 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Product(s) | Version(s) | Applicable Editions |
---|---|---|
IBM® Db2® | 10.5.0.x | Client and Server |
IBM® Db2® | 11.1.4.x | Client and Server |
IBM® Db2® | 11.5.x | Client and Server |
All platforms are affected.
Earlier releases (10.1, 9.7 etc.) may also be affected, but they are no longer supported.
Customers running any vulnerable fixpack level of an affected Program (V10.5, V11.1 and V11.5) can download the special build containing the interim fix for this issue from Fix Central. These special builds are available based on the most recent fixpack level for each impacted release: V10.5 FP11, V11.1.4 FP7, and V11.5.8. They can be applied to any affected fixpack level of the appropriate release to remediate this vulnerability.
Release | Fixed in fix pack | APAR | Download URL |
---|---|---|---|
V10.5 | TBD | DT223175 | Special Build for V10.5 FP11: AIX 64-bit; HP-UX 64-bit; Linux 32-bit, x86-32; Linux 64-bit, x86-64; Linux 64-bit, POWER™ big endian; Linux 64-bit, POWER™ little endian; Linux 64-bit, System z®, System z9® or zSeries®; Solaris 64-bit, SPARC; Solaris 64-bit, x86-64; Windows 32-bit, x86; Windows 64-bit, x86 |
V11.1 | TBD | DT223175 | Special Build for V11.1.4 FP7: AIX 64-bit; Linux 32-bit, x86-32; Linux 64-bit, x86-64; Linux 64-bit, POWER™ little endian; Linux 64-bit, System z®, System z9® or zSeries®; Solaris 64-bit, SPARC; Windows 32-bit, x86; Windows 64-bit, x86 |
V11.5 | TBD | DT223175 | Special Build for V11.5.0: Special Build for V11.5.7: AIX 64-bit; Linux 32-bit, x86-32; Linux 64-bit, x86-64; Linux 64-bit, POWER™ little endian; Linux 64-bit, System z®, System z9® or zSeries®; Windows 32-bit, x86; Windows 64-bit, x86. Special Build for V11.5.8: AIX 64-bit; Linux 32-bit, x86-32; Linux 64-bit, x86-64; Linux 64-bit, POWER™ little endian; Linux 64-bit, System z®, System z9® or zSeries®; Windows 32-bit, x86; Windows 64-bit, x86 |
IBM does not disclose key Db2 functionality nor replication steps for a vulnerability to avoid providing too much information to any potential malicious attacker. IBM does not want to enable a malicious attacker with sufficient knowledge to craft an exploit of the vulnerability.
Important:
Db2 releases with KI DT223175 will use the non-FIPS ICC for TLS ciphers that use RSA key exchange, as the FIPS certified ICC is vulnerable to CVE-2023-32342.
Customers with a requirement to use only FIPS 140 certified cryptographic modules must enable Strict FIPS mode. In strict FIPS mode, Db2 releases with KI DT223175 will disable all TLS ciphers and versions that are vulnerable to CVE-2023-32342 and will use only FIPS certified cryptographic modules.
The following restrictions will apply to TLS when strict mode is enabled:
To enable strict FIPS mode, set the DB2AUTH registry variable to STRICT_FIPS. If the DB2AUTH registry variable is already set, multiple options can be separated by commas.
db2set DB2AUTH=STRICT_FIPS
In an environment without a Db2 registry, such as the Data Server Driver, the DB2AUTH registry variable can be set in the environment.
Unix/Linux: export DB2AUTH=STRICT_FIPS
Windows: setx DB2AUTH STRICT_FIPS /m
If the LDAP authentication plugins are in use, the FIPS_MODE parameter can be set to STRICT in the IBMLDAPSecurity.ini file.
FIPS_MODE=STRICT
Db2 must be restarted (db2stop/db2start) for the changes to the DB2AUTH registry variable or IBMLDAPSecurity.ini to take effect.
Note: Customers using an IBM LDAP server such as IBM Security Verify Directory 10.0, IBM Security Directory Suite 8.0, or IBM Security Directory Server 6.4 must explicitly enable TLS_ECDHE_RSA_WITH_AES_* ciphers if using an RSA certificate, or TLS_ECDHE_ECDSA_WITH_AES_* ciphers if using an ECDSA certificate, before upgrading Db2 to a release with a fix for CVE-2023-32342. TLS 1.2 cipher settings can be found in the web administration tool under Server Administration > Manage Security Properties > Encryption.
Warning: Starting with KI DT223175, SERVER_ENCRYPT is deprecated. SERVER_ENCRYPT_AES is not compliant with the FIPS 140-3 standard, and will not work in strict FIPS mode when FIPS 140-3 certified cryptographic modules are introduced in a future version of Db2. SERVER_ENCRYPT without AES will continue to work in strict FIPS mode when FIPS 140-3 certified cryptographic modules are introduced in a future version of Db2.
Customers requiring encryption of sensitive credentials should disable SERVER_ENCRYPT_AES and switch to TLS 1.2 or TLS 1.3. TLS provides more secure protection of credentials and data compared to SERVER_ENCRYPT or SERVER_ENCRYPT_AES.
To enable TLS, refer to TLS Configuration of Db2.
Once TLS is enabled in the Db2 server and on all clients, to migrate clients to SERVER or SERVER_ENCRYPT authentication instead of SERVER_ENCRYPT_AES:
Removing the Authentication keyword will allow the client to negotiate SERVER, SERVER_ENCRYPT, or SERVER_ENCRYPT_AES based on what is offered by the Db2 server. Once the authentication keyword has been removed from the configuration of all clients, the following steps can be used to ensure the server does not request SERVER_ENCRYPT_AES.
Warning: If Db2 is configured to use SERVER authentication, and TLS is not configured, credentials will be exposed over the wire. Ensure TLS is configured before enabling SERVER authentication.
Note: Db2 must be restarted (db2stop/db2start) for these changes to take effect.
If a fix for DT223175 is not installed, ciphers that use RSA key exchange must be disabled to work around CVE-2023-32342. Because TLS 1.0 and 1.1 only support ciphers that use RSA key exchange, TLS 1.0 and 1.1 must also be disabled.
**Client/Server SSL**
Enable TLS 1.2 and/or TLS 1.3. Note: TLS 1.3 is available starting with Db2 11.5.8.
If TLS 1.2 is enabled, set SSL_CIPHERSPECS such that only TLS_ECDHE_RSA_* or TLS_ECDHE_ECDSA_* ciphers are enabled. Refer to the following document for a list of supported cipher suites: <https://www.ibm.com/docs/en/db2/11.5?topic=parameters-ssl-cipherspecs-supported-cipher-specifications-server>
KMIP
In the KMIP server, ensure that all TLS_RSA_* ciphersuites are disabled and only TLS_ECDHE_RSA_* or TLS_ECDHE_ECDSA_* ciphersuites are enabled. Refer to the KMIP server’s documentation on how to disable TLS ciphers. On Db2 11.5.8 or later, TLS 1.3 can be enforced as a workaround to CVE-2023-32342. Set the TLSVersion keyword to TLSV13 in the KMIP configuration file.
LDAP Plugins
Enable TLS 1.2 by setting the SECURITY_PROTOCOL keyword to TLSV12 in the IBMLDAPSecurity.ini file.
In the LDAP server, ensure that all TLS_RSA_* ciphersuites are disabled and only TLS_ECDHE_RSA_* or TLS_ECDHE_ECDSA_* ciphersuites are enabled for incoming connections. Refer to the LDAP server’s documentation on how to disable TLS ciphers.
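One way to check a cipher list against the rule stated in the Client/Server SSL, KMIP and LDAP workarounds above (only TLS_ECDHE_RSA_* or TLS_ECDHE_ECDSA_* enabled, no TLS_RSA_*), added here as an example and not part of the IBM bulletin. The function names and the sample list are constructed for illustration; treating an empty list as non-compliant is an assumption.

```shell
#!/bin/sh
# Added example: audit a comma-separated TLS cipher list against the
# workaround rule "only TLS_ECDHE_RSA_* / TLS_ECDHE_ECDSA_* enabled".

# classify_cipher NAME -> prints: ok | rsa-kx | review
classify_cipher() {
    case "$1" in
        TLS_ECDHE_RSA_*|TLS_ECDHE_ECDSA_*) echo ok ;;
        TLS_RSA_*)                         echo rsa-kx ;;  # RSA key exchange
        *)                                 echo review ;;  # not named by the rule
    esac
}

# audit_cipherspecs "LIST" -> prints one "status name" line per entry.
# Exit status: 0 = every entry ok, 1 = at least one entry is not ok,
# 2 = list empty (assumption: an unset list restricts nothing).
audit_cipherspecs() {
    # Normalise: strip blanks, upper-case, one cipher per line.
    list=$(printf '%s' "$1" | tr -d ' \t' | tr '[:lower:]' '[:upper:]' | tr ',' '\n')
    if [ -z "$list" ]; then
        echo "unset no-cipher-restriction-configured"
        return 2
    fi
    rc=0
    for c in $list; do
        status=$(classify_cipher "$c")
        echo "$status $c"
        [ "$status" = ok ] || rc=1
    done
    return $rc
}

# Constructed sample value (not taken from a real system).
SAMPLE='TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA'
audit_cipherspecs "$SAMPLE" || echo "=> list does not satisfy the workaround"
```

Pass the function the configured SSL_CIPHERSPECS value, or the cipher list exported from the KMIP or LDAP server; entries reported as `review` are suites the bulletin's rule does not name and need a manual decision.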
CPE | Name | Operator | Version |
---|---|---|---|
 | db2 for linux, unix and windows | eq | 11.5 |
 | db2 for linux, unix and windows | eq | 11.1 |
 | db2 for linux, unix and windows | eq | 10.5 |