SB2022062414 - Multiple vulnerabilities in IBM Security Guardium
Published: June 24, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Protection mechanism failure (CVE-ID: CVE-2019-10086)
The vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exist due to Beanutils is not using by default the a special BeanIntrospector class in PropertyUtilsBean that was supposed to suppress the ability for an attacker to access the classloader via the class property available on all Java objects. A remote attacker can abuse such application behavior against applications that were developed to rely on this security feature.
2) Improper Privilege Management (CVE-ID: CVE-2021-41617)
The vulnerability allows a local user to escalate privileges.
The vulnerability exists due to improper privilege management in sshd, when certain non-default configurations are used, because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and
AuthorizedPrincipalsCommand may run with privileges associated with
group memberships of the sshd process, if the configuration specifies
running the command as a different user. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.
References
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-cve-2019-10086-cve-2021-41617/"
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-cve-2019-10086-cve-2021-41617/</a><br><a
- https://www.ibm.com/support/pages/node/6597283"
- https://www.ibm.com/support/pages/node/6597283</a><br><br><br></p>