Lucene search

IBM1E482BD8DBFD76EA517B83D212AA05AA38DC78699883D34ACF743E1913412C52

HistoryNov 21, 2022 - 5:19 a.m.

Security Bulletin: Vulnerability from Apache Kafka affect IBM Operations Analytics - Log Analysis (CVE-2018-17196)

2022-11-2105:19:56

www.ibm.com

apache kafka

ibm operations analytics

log analysis

cve-2018-17196

input validation

security bypass

remote attacker

acl validation

version 1.3.7.2

upgrade

interim fix 3

logstash installation

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

46.9%

JSON

Summary

Apache Kafka is vulnerable to improper input validation that could allow remote attacker to bypass security restrictions.

Vulnerability Details

CVEID:CVE-2018-17196
**DESCRIPTION:**Apache Kafka could allow a remote authenticated attacker to bypass security restrictions, caused by improper input validation. By sending a specially-crafted Produce request, an attacker could exploit this vulnerability to bypass transaction/idempotent ACL validation.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/163622 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)

Affected Products and Versions

Affected Product(s)	Version(s)
Log Analysis	1.3.5.3
Log Analysis	1.3.6.0
Log Analysis	1.3.6.1
Log Analysis	1.3.7.0
Log Analysis	1.3.7.1
Log Analysis	1.3.7.2

Remediation/Fixes

Version	Fix details
IBM Operations Analytics - Log Analysis version 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2	Upgrade to Log Analysis version 1.3.7.2 Interim Fix 3. Download the 1.3.7.2-TIV-IOALA-IF003 and apply fix on Logstash installation.

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmsmartcloud_analytics_log_analysisMatch1.3.5.3

ibmsmartcloud_analytics_log_analysisMatch1.3.6.0

ibmsmartcloud_analytics_log_analysisMatch1.3.6.1

ibmsmartcloud_analytics_log_analysisMatch1.3.7.0

ibmsmartcloud_analytics_log_analysisMatch1.3.7.1

ibmsmartcloud_analytics_log_analysisMatch1.3.7.2

CPENameOperatorVersion
ibm smartcloud analyticseq1.3.5.3
ibm smartcloud analyticseq1.3.6.0
ibm smartcloud analyticseq1.3.6.1
ibm smartcloud analyticseq1.3.7.0
ibm smartcloud analyticseq1.3.7.1
ibm smartcloud analyticseq1.3.7.2

Name	Operator	Version
ibm smartcloud analytics	eq	1.3.5.3
ibm smartcloud analytics	eq	1.3.6.0
ibm smartcloud analytics	eq	1.3.6.1
ibm smartcloud analytics	eq	1.3.7.0
ibm smartcloud analytics	eq	1.3.7.1
ibm smartcloud analytics	eq	1.3.7.2