CVE-2020-4864 - OpenCVE

IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server with a spoofed source IP address. IBM X-Force ID: 190567.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:A/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Ibm	Resilient Security Orchestration Automation And Response

Configuration 1 [-]

cpe:2.3:a:ibm:resilient_security_orchestration_automation_and_response:38.0:*:*:*:*:*:*:*

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/190567	VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/6356441	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: ibm

Published: 2020-10-28T00:00:00

Updated: 2020-10-29T15:50:34

Reserved: 2019-12-30T00:00:00

Link: CVE-2020-4864

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-10-29T16:15:15.307

Modified: 2020-10-30T21:46:18.733

Link: CVE-2020-4864

JSON object: View

Redhat Information

No data.

CWE

CWE-290

{"containers": {"cna": {"affected": [{"product": "Resilient OnPrem", "vendor": "IBM", "versions": [{"status": "affected", "version": "38"}]}], "datePublic": "2020-10-28T00:00:00", "descriptions": [{"lang": "en", "value": "IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server with a spoofed source IP address. IBM X-Force ID: 190567."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "LOW", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 3.8, "temporalSeverity": "LOW", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/C:N/I:L/S:U/A:N/AC:L/UI:N/PR:N/E:U/RL:O/RC:C", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Bypass Security", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-10-29T15:50:34", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.ibm.com/support/pages/node/6356441"}, {"name": "ibm-resilient-cve20204864-spoofing (190567)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/190567"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2020-10-28T00:00:00", "ID": "CVE-2020-4864", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Resilient OnPrem", "version": {"version_data": [{"version_value": "38"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server with a spoofed source IP address. IBM X-Force ID: 190567."}]}, "impact": {"cvssv3": {"BM": {"A": "N", "AC": "L", "AV": "A", "C": "N", "I": "L", "PR": "N", "S": "U", "UI": "N"}, "TM": {"E": "U", "RC": "C", "RL": "O"}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Bypass Security"}]}]}, "references": {"reference_data": [{"name": "https://www.ibm.com/support/pages/node/6356441", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6356441 (Resilient OnPrem)", "url": "https://www.ibm.com/support/pages/node/6356441"}, {"name": "ibm-resilient-cve20204864-spoofing (190567)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/190567"}]}}}}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2020-4864", "datePublished": "2020-10-28T00:00:00", "dateReserved": "2019-12-30T00:00:00", "dateUpdated": "2020-10-29T15:50:34", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:resilient_security_orchestration_automation_and_response:38.0:*:*:*:*:*:*:*", "matchCriteriaId": "00863999-85CE-4E74-B01B-29C64C97C0CD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server with a spoofed source IP address. IBM X-Force ID: 190567."}, {"lang": "es", "value": "IBM Resilient SOAR versi\u00f3n V38.0, podr\u00eda permitir a un atacante en la red interna proporcionar al servidor una direcci\u00f3n IP de origen falsificada. IBM X-Force ID: 190567"}], "id": "CVE-2020-4864", "lastModified": "2020-10-30T21:46:18.733", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "psirt@us.ibm.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-10-29T16:15:15.307", "references": [{"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/190567"}, {"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/6356441"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-290"}], "source": "nvd@nist.gov", "type": "Primary"}]}