SB2024103020 - Multiple vulnerabilities in IBM Event Streams

Description

This security bulletin contains information about 9 secuirty vulnerabilities.

1) Security features bypass (CVE-ID: CVE-2023-0466)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to an error within the X509_VERIFY_PARAM_add0_policy() function, which does not perform the certificate policy check despite being implicitly enabled. A remote attacker can bypass expected security restrictions and perform MitM attack.

2) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2023-0465)

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to an error when validating certificate policies in leaf certificates. A remote attacker that controls a malicious CA server can issue a certificate that will be validated by the application.

3) Observable discrepancy (CVE-ID: CVE-2024-30171)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a possible timing based leakage in RSA based handshakes. A remote attacker can gain access to sensitive information.

4) Resource management error (CVE-ID: CVE-2023-2650)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the application when processing OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS subsystems with no message size limit. A remote attacker can send specially crafted data to the application and perform a denial of service (DoS) attack.

5) Information disclosure (CVE-ID: CVE-2024-29025)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application in HttpPostRequestDecoder. A remote attacker can gain unauthorized access to sensitive information on the system.

6) Infinite loop (CVE-ID: CVE-2024-30172)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in the Ed25519 verification code. A remote attacker can pass a specially signature and public key to the application, consume all available system resources and cause denial of service conditions.

7) Resource exhaustion (CVE-ID: CVE-2023-0464)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when verifying X.509 certificate chains that include policy constraints. A remote attacker can create a specially crafted certificate to trigger resource exhaustion and perform a denial of service (DoS) attack.

8) Improper access control (CVE-ID: CVE-2024-23944)

The vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in persistent watchers. A remote user can bypass implemented security restrictions and obtain user names or login identifiers.

9) Resource exhaustion (CVE-ID: CVE-2024-29857)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to library does not properly control consumption of internal resources when importing an EC certificate with specially crafted F2m parameters. A remote attacker can pass a specially crafted certificate to the application to trigger resource exhaustion and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://www.ibm.com/support/pages/node/7174376