Security Bulletin: Due to use of Apache Pulsar, IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library is vulnerable to a security restrictions bypass.

Published: 2023-09-28 03:14:16 (www.ibm.com)

CVSS3: 9.6

- Attack Vector: NETWORK
- Attack Complexity: LOW
- Privileges Required: LOW
- User Interaction: NONE
- Scope: CHANGED
- Confidentiality Impact: HIGH
- Integrity Impact: HIGH
- Availability Impact: NONE

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

EPSS: 0.001 (percentile 50.0%)

Summary

Apache Pulsar is used by IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library. The vulnerabilities below (CVE-2023-30428, CVE-2023-30429, CVE-2023-37579 and CVE-2023-31007) have been addressed.

Vulnerability Details

CVEID: CVE-2023-30428
**DESCRIPTION:** Apache Pulsar could allow a remote attacker to bypass security restrictions, caused by improper authorization validation for Rest Producer. By sending a specially crafted request, an attacker could exploit this vulnerability to produce garbage messages to any topic in the cluster or produce messages to the topic-level policies topic for other tenants and influence topic settings.
CVSS Base score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/260296 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2023-30429
**DESCRIPTION:** Apache Pulsar could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper authorization validation for Function Worker when using mTLS Authentication through Pulsar Proxy. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVSS Base score: 8.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/260295 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2023-37579
**DESCRIPTION:** Apache Pulsar could allow a remote authenticated attacker to obtain sensitive information, caused by improper authorization validation in the Function Worker. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain Sink/Source credential information and use it to launch further attacks against the affected system.
CVSS Base score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/260292 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2023-31007
**DESCRIPTION:** Apache Pulsar could allow a remote attacker to bypass security restrictions, caused by the broker not always disconnecting a client when its authentication data expires. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass access restrictions.
CVSS Base score: 9.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/260294 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)

Affected Products and Versions

| Affected Product(s) | Version(s) |
|---|---|
| Transport Module Common Integration Library | common-transportmodule-29_0 up to and including common-transportmodule-37_0 |

Remediation/Fixes

| Product(s) | Version(s) | Remediation / First Fix |
|---|---|---|
| Transport Module Common Integration Library | common-transportmodule-38_0 | Refer to the release notice for the part number of the new package and instructions for the upgrade |

Workarounds and Mitigations

None

Affected configurations (Vulners)

- ibm tivoli_netcool_webtop, any version: cpe:2.3:a:ibm:tivoli_netcool_webtop:any:*:*:*:*:*:*:*
- OR ibm tivoli_netcool/omnibus 8.1.0: cpe:2.3:a:ibm:tivoli_netcool/omnibus:8.1.0:*:*:*:*:*:*:*
