IBM Watson OpenScale on Cloud Pak for Data has addressed CVE-2021-23337, CVE-2021-23327, CVE-2021-23334, CVE-2021-27191, CVE-2021-23335.
CVEID: CVE-2021-23337
**DESCRIPTION:** Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVSS Base score: 7.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/196797 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2021-23327
**DESCRIPTION:** Node.js apexcharts module is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the graph legend fields. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 6.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/196805 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
CVEID: CVE-2021-23334
**DESCRIPTION:** Node.js static-eval module could allow a remote attacker to execute arbitrary code on the system, caused by a code injection flaw in FunctionExpressions and TemplateLiterals. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/196806 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2021-27191
**DESCRIPTION:** Node.js get-ip-range module is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause resource exhaustion.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/196800 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2021-23335
**DESCRIPTION:** Node.js is-user-valid module could allow a remote attacker to obtain sensitive information, caused by an LDAP injection flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/196807 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
Watson OpenScale | 3.5.0 |
Upgrade to Refresh 4 of ‘IBM Cloud Pak for Data 3.5.0’. In order to upgrade, please consult the online documentation of IBM Cloud Pak for Data Version 3.5.0.
None
CPE | Name | Operator | Version |
---|---|---|---|
 | watson openscale | eq | 3.5.0 |