
Security Bulletin: Multiple security vulnerabilities found in open source code that is shipped with IBM Security Verify Access

Security Bulletin


Summary

Source code scanning has found several open source vulnerabilities in the IBM Security Verify Access product. Verify Access has updated the affected packages as required.

Vulnerability Details

CVEID:   CVE-2018-20574
DESCRIPTION:   yaml-cpp is vulnerable to a denial of service, caused by an error in the SingleDocParser::HandleFlowMap function. By persuading a victim to open a specially-crafted YAML file, a remote attacker could exploit this vulnerability to consume all available stack resources and crash.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/154878 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID:   CVE-2019-6285
DESCRIPTION:   yaml-cpp is vulnerable to a denial of service, caused by stack consumption in the SingleDocParser::HandleFlowSequence function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/155595 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID:   CVE-2018-20573
DESCRIPTION:   yaml-cpp is vulnerable to a denial of service, caused by an error in the Scanner::EnsureTokensInQueue function. By persuading a victim to open a specially-crafted YAML file, a remote attacker could exploit this vulnerability to consume all available stack resources and crash.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/154877 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID:   CVE-2017-11692
DESCRIPTION:   yaml-cpp is vulnerable to a denial of service, caused by an error in the Token& Scanner::peek function in scanner.cpp. By sending a '!2' string, a remote attacker could exploit this vulnerability to cause an assertion failure.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/129747 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2010-4021
DESCRIPTION:   MIT Kerberos could allow a remote authenticated attacker to bypass security restrictions, caused by the KDC issuing tickets that the client did not request when processing a KrbFastArmoredReq. An attacker could exploit this vulnerability to impersonate clients.
CVSS Base score: 2.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/63593 for the current score.
CVSS Vector: (AV:N/AC:H/Au:S/C:N/I:P/A:N)

CVEID:   CVE-2010-1324
DESCRIPTION:   MIT Kerberos could allow a remote attacker to bypass security restrictions, caused by the KDC incorrectly accepting RFC 3961 key-derivation checksums using RC4 keys when verifying the req-checksum in a KrbFastArmoredReq. An attacker could exploit this vulnerability to launch further attacks on the system.
CVSS Base score: 7.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/63589 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:C/A:N)

CVEID:   CVE-2010-4020
DESCRIPTION:   MIT Kerberos could allow a remote authenticated attacker to bypass security restrictions, caused by the incorrect acceptance of RFC 3961 key-derivation checksums using RC4 keys when verifying AD-SIGNEDPATH and AD-KDC-ISSUED authorization data by krb5 clients. An attacker could exploit this vulnerability to forge the AD-SIGNEDPATH signature.
CVSS Base score: 3.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/63592 for the current score.
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:P/A:N)

CVEID:   CVE-2010-1323
DESCRIPTION:   MIT Kerberos could allow a remote attacker to bypass security restrictions, caused by the incorrect acceptance of unkeyed checksums in the SAM-2 preauthentication challenge by krb5 clients. An attacker could exploit this vulnerability to affect the prompt text or modify the response sent to the KDC.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/63590 for the current score.
CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:C/A:N)

CVEID:   CVE-2018-5730
DESCRIPTION:   MIT krb5 could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the LDAP Kerberos database. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass the DN container check.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/139970 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)

CVEID:   CVE-2018-20217
DESCRIPTION:   MIT Kerberos 5 is vulnerable to a denial of service, caused by a reachable assertion flaw in the KDC. By sending a specially-crafted S4U2Self request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/154827 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2020-28196
DESCRIPTION:   MIT Kerberos 5 (aka krb5) is vulnerable to a denial of service, caused by an unbounded recursion flaw in lib/krb5/asn.1/asn1_encode.c. By sending a specially-crafted ASN.1-encoded Kerberos message, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/191321 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

IBM X-Force ID:   217968
DESCRIPTION:   FasterXML jackson-databind is vulnerable to a denial of service, caused by an error when using JDK serialization to serialize and deserialize JsonNode values. By sending a specially crafted request, an attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/217968 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s)                  Version(s)
IBM Security Verify Access           10.0.0
IBM Security Verify Access Docker    10.0.0

Remediation/Fixes

IBM encourages customers to update their systems promptly.

For the ISAM/ISVA appliances

Affected Products and Versions       Fix availability
IBM Security Verify Access 10.0.0.0  10.0.4-ISS-ISVA-FP0000

IBM Security Verify Access (Container)

For Version 10.0.0.0

  • Obtain the latest version of the container by running the following command: “docker pull ibmcom/verify-access:[tag]”, where [tag] is the latest published version and can be confirmed here.

Workarounds and Mitigations

None

References

Change History

23 Feb 2022: Initial Publication

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

Document Location

Worldwide

Document Information

Modified date:
06 July 2022

UID

ibm16601733