Critical Severity

Security Bulletin: IBM Tivoli Monitoring is vulnerable to remote code execution and denial of service due to multiple Expat CVEs

Share this post:

The libexpart parser that is used by IBM Tivoli Monitoring for parsing various configuration xml files and parsing soap requests is potentially vulnerable to the following remote code execution CVE’s: CVE-2021-46143 CVE-2022-25314 CVE-2022-23990 CVE-2022-22825 CVE-2022-23852 CVE-2022-22824 CVE-2022-22823 CVE-2022-22826 CVE-2022-22827 CVE-2022-22822 CVE-2022-25315 and the following denial of service CVE’s: CVE-2021-45960 CVE-2022-25236 CVE-2022-25235 CVE-2022-25313. Most of the vulnerabilities would require the system to be locally compromised such that a bad actor could modify file locally.

CVE(s): CVE-2021-46143, CVE-2022-25314, CVE-2022-23990, CVE-2022-22825, CVE-2022-23852, CVE-2022-25313, CVE-2022-22824, CVE-2022-25235, CVE-2022-22823, CVE-2022-22826, CVE-2022-22827, CVE-2022-25236, CVE-2022-22822, CVE-2022-25315, CVE-2021-45960

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Tivoli Monitoring 6.3.0 – 6.3.0.7 (up to 6.3.0.7 Service pack 10)

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6587158
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216875
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/219946
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/218206
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216905
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/218007
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/219947
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216906
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/219782
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216907
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216904
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216901
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/219784
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216908
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/219945
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/216473

More stories

Security Bulletin: IBM QRadar SIEM is affected by a remote code execution in Spring Framework (CVE-2022-22963, CVE-2022-22965, CVE-2022-22950)

June 24, 2022 | Critical Severity

IBM QRadar SIEM is affected but not vulnerable to a remote code execution in Spring Framework (CVE-2022-22965) as it does not meet all of the following criteria: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR (in contrast to a Spring Boot executable jar), 4. Spring-webmvc or spring-webflux dependency, 5. Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions. QVM utilizes the Spring Framework to support our Java backed user interface.. The fix includes Spring 5.3.18. ...read more


Security Bulletin: IBM CICS TX Standard is vulnerable to arbitrary code execution (CVE-2022-31767)

June 22, 2022 | Critical Severity

IBM CICS TX Advanced could allow a remote attacker to execute arbitrary commands. The fix removes this vulnerability (CVE-2022-31767) from IBM CICS TX Advanced. ...read more


Security Bulletin: IBM CICS TX Advanced is vulnerable to arbitrary code execution (CVE-2022-31767)

June 22, 2022 | Critical Severity

IBM CICS TX Advanced could allow a remote attacker to execute arbitrary commands. The fix removes this vulnerability (CVE-2022-31767) from IBM CICS TX Advanced. ...read more