History: Jan 30, 2023 - 11:56 a.m.

Security Bulletin: Due to the use of XStream, IBM Tivoli Netcool Configuration Manager is vulnerable to Denial of Service (DoS) attacks (CVE-2022-40153)

2023-01-30 11:56:51 | Source: www.ibm.com
Tags: xstream, ibm tivoli netcool configuration manager, denial of service, cve-2022-40153, vulnerability, buffer overflow, fix pack 17

Summary

XStream is used in ITNCM to serialize XML data and may be vulnerable to Denial of Service (DoS) attacks. If the parser is run on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow. This effect may support a denial of service attack.

Vulnerability Details

CVEID: CVE-2022-40153
**DESCRIPTION:** XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending specially crafted XML data, a remote authenticated attacker could exploit this vulnerability to cause the parser to crash, resulting in a denial of service condition.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/236356 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

| Affected Product(s) | Version(s) |
|---|---|
| ITNCM | 6.4.2 |

Remediation/Fixes

| Affected Product(s) | Version(s) | Remediation |
|---|---|---|
| ITNCM | 6.4.2 | Upgrade to ITNCM 6.4.2 Fix Pack 17 (6.4.2.17) |

ITNCM 6.4.2 Fix Pack 17 can be downloaded from Fix Central: 6.4.2-TIV-ITNCM-FP017

Workarounds and Mitigations

None
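The bulletin lists no workaround, and the fix pack above remains the remediation. As an added illustration that is not part of the IBM bulletin or of XStream (a Java library), the Python snippet below shows the ingress-side check a defender would typically place in front of any recursive deserializer: a streaming parse that measures element nesting depth and rejects a document as soon as it exceeds a threshold, so pathological input never reaches the deserializer. It assumes that the stack overflow is triggered by deeply nested input, the usual mechanism for this class of parser crash; the depth limit of 256 and the sample documents are constructed for the example.

```python
import xml.etree.ElementTree as ET
from io import BytesIO

# Assumed limit for this example; real object graphs rarely nest this deep.
MAX_DEPTH = 256


class NestingTooDeep(ValueError):
    """Raised when element nesting exceeds the configured limit."""


def max_nesting_depth(xml_bytes: bytes, limit: int = MAX_DEPTH) -> int:
    """Stream-parse the document and return its deepest element nesting.

    iterparse drives expat, which is iterative rather than recursive, so
    measuring depth here does not itself risk a stack overflow. Parsing is
    abandoned the moment `limit` is exceeded, so a huge document is not
    read to the end before being rejected.
    """
    depth = deepest = 0
    for event, elem in ET.iterparse(BytesIO(xml_bytes), events=("start", "end")):
        if event == "start":
            depth += 1
            if depth > limit:
                raise NestingTooDeep(f"element nesting exceeds {limit}")
            deepest = max(deepest, depth)
        else:
            depth -= 1
            elem.clear()  # keep memory bounded; the tree is not needed
    return deepest


def is_safe_to_deserialize(xml_bytes: bytes, limit: int = MAX_DEPTH) -> bool:
    """Gate function: True only for well-formed input within the depth limit."""
    try:
        max_nesting_depth(xml_bytes, limit)
    except (NestingTooDeep, ET.ParseError):
        return False
    return True


# Constructed sample resembling a serialized configuration record.
BENIGN_XML = b"""<device>
  <name>core-rtr-01</name>
  <interfaces>
    <interface><id>Gi0/0</id></interface>
  </interfaces>
</device>"""


def nested_document(levels: int) -> bytes:
    """Constructed test input: `levels` nested <list> elements around one leaf."""
    return b"<list>" * levels + b"<v/>" + b"</list>" * levels
```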
