Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs

2023-01-3013:46:22

www.ibm.com

ibm cloud pak

watson aiops

libexpat

gnupg libksba

sqlite

vulnerabilities

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.017

Percentile

88.0%

JSON

Summary

Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 3.6.1

Vulnerability Details

CVEID:CVE-2022-40674
**DESCRIPTION:**libexpat could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the doContent function in xmlparse.c. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/236116 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2022-3515
**DESCRIPTION:**GnuPG Libksba could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the CRL parser. By sending a specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/239062 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-35525
**DESCRIPTION:**SQlite is vulnerable to a denial of service, caused by a NULL pointer derreference flaw in the INTERSEC query processing. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/235225 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2020-35527
**DESCRIPTION:**SQlite could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds memory access flaw through ALTER TABLE for views that have a nested FROM clause… By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/235226 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x
IBM Cloud Pak for Watson AIOps	3.x

Remediation/Fixes

IBM strongly suggests that you address the vulnerabilities now for all affected products/versions listed above by installing Fix:

<https://www.ibm.com/docs/en/cloud-paks/cloud-pak-watson-aiops/3.6.1?topic=upgrading>

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmwebsphere_automation_for_ibm_cloud_pak_for_watson_aiopsMatch3.6.1

VendorProductVersionCPE
ibmwebsphere_automation_for_ibm_cloud_pak_for_watson_aiops3.6.1cpe:2.3:a:ibm:websphere_automation_for_ibm_cloud_pak_for_watson_aiops:3.6.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_automation_for_ibm_cloud_pak_for_watson_aiops	3.6.1	cpe:2.3:a:ibm:websphere_automation_for_ibm_cloud_pak_for_watson_aiops:3.6.1:::::::*