Lucene search

K
ibmIBMEDC4C5C80C00EE4AC9AA2C2F8FC5CF316B401A50DA42A577EE4FA380D4A47809
HistoryDec 03, 2018 - 2:30 p.m.

Security Bulletin: IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities

2018-12-0314:30:01
www.ibm.com
42

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.783 High

EPSS

Percentile

98.3%

Summary

The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools.

Vulnerability Details

CVEID: CVE-2017-16939
**Description:**Linux Kernel could allow a remote attacker to gain elevated privileges on the system, caused by an use-after-free in the Netlink socket subsystem XFRM. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain privileges.
**CVSS Base Score:**9.80
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135317&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVEID: CVE-2018-1000199
**Description:**Linux Kernel is vulnerable to a denial of service, caused by a ptrace() error handling flaw. By invoking the modify_user_hw_breakpoint() function, a local attacker could exploit this vulnerability to cause the kernel to crash.
**CVSS Base Score:**6.20
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142654&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID: CVE-2018-10675
**Description:**Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in the do_get_mempolicy function in mm/mempolicy.c. By using specially crafted system calls, a local attacker could exploit this vulnerability to cause a denial of service.
**CVSS Base Score:**6.20
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142895&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID: CVE-2018-1068
**Description:**Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by an error in the implementation of 32 bit syscall interface. An attacker could exploit this vulnerability to gain root privileges on the system.
**CVSS Base Score:**8.10
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140403&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CVEID: CVE-2018-1087
**Description:**Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by the improper handling of exceptions delivered after a stack switch operation using the MOV to SS and POP SS instructions by the KVM hypervisor. An attacker could exploit this vulnerability to gain elevated privileges or cause the guest to crash.
**CVSS Base Score:**8.40
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142976&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVEID: CVE-2018-1091
**Description:**Linux Kernel is vulnerable to a denial of service, caused by a missing processor feature check in the flush_tmregs_to_thread function. A local attacker could exploit this vulnerability to cause the guest kernel to crash.
**CVSS Base Score:**6.20
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140892&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID: CVE-2018-3620
**Description:**Multiple Intel CPU’s could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks and via a terminal page fault, an attacker could exploit this vulnerability to leak information residing in the L1 data cache and read data belonging to different security contexts. Note: This vulnerability is also known as the “L1 Terminal Fault (L1TF)” or “Foreshadow” attack.
**CVSS Base Score:**7.10
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148318&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2018-3646
**Description:**Multiple Intel CPU’s could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks and via a terminal page fault, an attacker with guest OS privilege could exploit this vulnerability to leak information residing in the L1 data cache and read data belonging to different security contexts.
**CVSS Base Score:**7.10
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148319&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2018-3665
**Description:**Intel Core-based microprocessors could allow a local attacker to obtain sensitive information, caused by utilizing the Lazy FP state restore technique for floating point state when context switching between application processes. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to determine register values of other processes. Note: This vulnerability is known as LazyFP.
**CVSS Base Score:**4.30
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144757&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

CVEID: CVE-2018-3693
**Description:**Intel Haswell Xeon, AMD PRO and ARM Cortex A57 CPUs could allow a local authenticated attacker to obtain sensitive information, caused by a bounds check bypass in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to cross the syscall boundary and read data from the CPU virtual memory.
**CVSS Base Score:**7.10
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/146191&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVEID: CVE-2018-5390
**Description:**Linux Kernel is vulnerable to a denial of service, caused by an error in the tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions. By sending specially crafted packets within ongoing TCP sessions, a remote attacker could exploit this vulnerability to cause a denial of service.
**CVSS Base Score:**7.50
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147950&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVEID: CVE-2018-7566
**Description:**Linux Kernel is vulnerable to a buffer overflow, caused by improper bounds checking by user-supplied input. By using an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq, a local authenticated attacker could overflow a buffer and execute arbitrary code on the system.
**CVSS Base Score:**7.80
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141112&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVEID: CVE-2018-8897
**Description:**Multiple operating systems could allow a local authenticated attacker to gain elevated privileges on the system, caused by developer interpretation of hardware debug exception documentation for the MOV to SS and POP SS instructions. An attacker could exploit this vulnerability using operating system APIs to obtain sensitive memory information or control low-level operating system functions and other unexpected behavior.
**CVSS Base Score:**7.00
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142242&gt; for the current score
**CVSS Environmental Score:***Undefined
**CVSS Vector:**CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products and Versions

IBM QRadar SIEM 7.3.0 to 7.3.1 Patch 6

Remediation/Fixes

QRadar / QRM / QVM / QRIF / QNI 7.3.1 Patch 7

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm security qradar siemeq7.3

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.783 High

EPSS

Percentile

98.3%