Security Bulletin: IBM Security Verify Information Queue has multiple third-party library vulnerabilities

Main / Security Bulletin: IBM Security Verify Information Queue has multiple third-party library vulnerabilities

Discription

## Summary

IBM Security Verify Information Queue (ISIQ) v10.0.5 has remediated vulnerabilities in the third-party libraries that it uses.

## Vulnerability Details

** CVEID: **[CVE-2022-41946]()
** DESCRIPTION: **Postgresql JDBC could allow a local authenticated attacker to obtain sensitive information, caused by not limit access to created readable files in the TemporaryFolder. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVSS Base score: 6.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/240853]() for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N)

** CVEID: **[CVE-2022-31197]()
** DESCRIPTION: **PostgreSQL is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to PGJDBC implementation of the java.sql.ResultRow.refreshRow() method, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVSS Base score: 6.5
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/232820]() for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

** CVEID: **[CVE-2022-23541]()
** DESCRIPTION: **Auth0 jsonwebtoken could allow a remote authenticated attacker to bypass security restrictions, caused by an insecure implementation of key retrieval function. By sending a specially-crafted request, an attacker could exploit this vulnerability to forge Public/Private Tokens from RSA to HMAC.
CVSS Base score: 5
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/242966]() for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L)

** CVEID: **[CVE-2022-23539]()
** DESCRIPTION: **Auth0 jsonwebtoken could provide weaker than expected security, caused by an unrestricted key type issue. A remote authenticated attacker could exploit this vulnerability to allow legacy keys usage and launch further attacks on the system.
CVSS Base score: 5.9
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/242968]() for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N)

** CVEID: **[CVE-2022-23529]()
** DESCRIPTION: **Auth0 jsonwebtoken could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper input validation by the jwt.verify function. By sending a specially-crafted request using the key retrieval parameter, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.5
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/242967]() for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

** CVEID: **[CVE-2022-23540]()
** DESCRIPTION: **Auth0 jsonwebtoken could allow a remote authenticated attacker to bypass security restrictions, caused by an insecure default algorithm flaw in the jwt.verify() function. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass signature validation.
CVSS Base score: 6.4
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/242969]() for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L)

** CVEID: **[CVE-2022-2047]()
** DESCRIPTION: **Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the HttpURI class. By sending a specially-crafted request, an attacker could exploit this vulnerability to the HttpClient and ProxyServlet/AsyncProxyServlet/AsyncMiddleManServlet wrongly interpreting an authority with no host as one with a host.
CVSS Base score: 2.7
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/230668]() for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N)

** CVEID: **[CVE-2022-25881]()
** DESCRIPTION: **Node.js http-cache-semantics module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially-crafted regex input using request header values, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/246089]() for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

** CVEID: **[CVE-2022-42003]()
** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in the primitive value deserializers when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. By sending a specially-crafted request using deep wrapper array nesting, a local attacker could exploit this vulnerability to exhaust all available resources.
CVSS Base score: 6.2
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/237662]() for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

** CVEID: **[CVE-2022-42004]()
** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in in the BeanDeserializer._deserializeFromArray function. By sending a specially-crafted request using deeply nested arrays, a local attacker could exploit this vulnerability to exhaust all available resources.
CVSS Base score: 6.2
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/237660]() for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

** CVEID: **[CVE-2021-38153]()
** DESCRIPTION: **Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use of “Arrays.equals” to validate a password or key. By utilizing brute-force attack techniques, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system.
CVSS Base score: 7.5
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209762]() for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

** CVEID: **[CVE-2022-34917]()
** DESCRIPTION: **Apache Kafka is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to allocate large amounts of memory on brokers, and results in a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236498]() for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

** CVEID: **[CVE-2023-25194]()
** DESCRIPTION: **Apache Kafka could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization when configuring the connector via the Kafka Connect REST API. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service on the system.
CVSS Base score: 8.8
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/246698]() for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

** CVEID: **[CVE-2023-26048]()
** DESCRIPTION: **Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the HttpServletRequest.getParameter() or HttpServletRequest.getParts() function. By sending a specially crafted multipart request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/253356]() for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

** CVEID: **[CVE-2023-25653]()
** DESCRIPTION: **Cisco node-jose is vulnerable to a denial of service, caused by improper calculations in ECC implementation. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause an infinite loop, and results in a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/247779]() for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

** CVEID: **[CVE-2022-25896]()
** DESCRIPTION: **Node.js passport module could allow a remote attacker to hijack a user’s session, caused by a session fixation vulnerability. An attacker could exploit this vulnerability to hijack sessions that were regenerated instead of closed.
CVSS Base score: 4.8
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/230257]() for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L)

** IBM X-Force ID: **217222
** DESCRIPTION: **Apache commons-dbcp could allow a remote authenticated attacker from within the local network to obtain sensitive information, caused by an error if a BasicDataSource is created with jmxName set. By using JMXBean, an attacker could exploit this vulnerability to expose/export the password property.
CVSS Base score: 3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/217222 ]() for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N)

## Affected Products and Versions

Affected Product(s)| Version(s)
—|—
IBM Security Verify Information Queue| 10.0.4

## Remediation/Fixes

IBM encourages customers to update their systems promptly.

Download and install the latest ISIQ images, tagged at 10.0.5 or greater, from the ISIQ Starter Kit page at

## Workarounds and Mitigations

None

##Read More

References

Back to Main

Subscribe for the latest news: