cnvd - cnvd-2020-25569

cnvd-2020-25569

Vulnerability from cnvd

Title: IBM Automation Workstream Services in Cloud Pak for Automation和IBM Process Federation Server拒绝服务漏洞

Description:

IBM Automation Workstream Services in Cloud Pak for Automation和IBM Process Federation Server是IBM工作流程自动化服务和IBM联合服务器。

IBM Automation Workstream Services in Cloud Pak for Automation和IBM Process Federation Server存在拒绝服务漏洞，攻击者可利用该漏洞造成拒绝服务。

Severity: 中

Patch Name: IBM Automation Workstream Services in Cloud Pak for Automation和IBM Process Federation Server拒绝服务漏洞的补丁

Patch Description:

IBM Automation Workstream Services in Cloud Pak for Automation和IBM Process Federation Server是IBM工作流程自动化服务和IBM联合服务器。

IBM Automation Workstream Services in Cloud Pak for Automation和IBM Process Federation Server存在拒绝服务漏洞，攻击者可利用该漏洞造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.ibm.com/support/pages/node/6125403

Reference: https://www.ibm.com/blogs/psirt/security-bulletin-ibm-process-federation-server-rest-api-is-subject-to-dos-attacks/

Impacted products

Name
['IBM Business Automation Workflow >=18.0.0.1，<=19.0.0.3', 'IBM Automation Workstream Services in Cloud Pak for Automation 19.0.3']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-4325"
    }
  },
  "description": "IBM Automation Workstream Services in Cloud Pak for Automation\u548cIBM Process Federation Server\u662fIBM\u5de5\u4f5c\u6d41\u7a0b\u81ea\u52a8\u5316\u670d\u52a1\u548cIBM\u8054\u5408\u670d\u52a1\u5668\u3002\n\nIBM Automation Workstream Services in Cloud Pak for Automation\u548cIBM Process Federation Server\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.ibm.com/support/pages/node/6125403",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-25569",
  "openTime": "2020-04-29",
  "patchDescription": "IBM Automation Workstream Services in Cloud Pak for Automation\u548cIBM Process Federation Server\u662fIBM\u5de5\u4f5c\u6d41\u7a0b\u81ea\u52a8\u5316\u670d\u52a1\u548cIBM\u8054\u5408\u670d\u52a1\u5668\u3002\r\n\r\nIBM Automation Workstream Services in Cloud Pak for Automation\u548cIBM Process Federation Server\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "IBM Automation Workstream Services in Cloud Pak for Automation\u548cIBM Process Federation Server\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "IBM Business Automation Workflow \u003e=18.0.0.1\uff0c\u003c=19.0.0.3",
      "IBM Automation Workstream Services in Cloud Pak for Automation 19.0.3"
    ]
  },
  "referenceLink": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-process-federation-server-rest-api-is-subject-to-dos-attacks/",
  "serverity": "\u4e2d",
  "submitTime": "2020-04-03",
  "title": "IBM Automation Workstream Services in Cloud Pak for Automation\u548cIBM Process Federation Server\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2020-4325 (GCVE-0-2020-4325)

Vulnerability from cvelistv5

Published

2020-04-02 14:20

Modified

2024-09-16 20:07

Severity ?

6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C

CWE

Denial of Service

Summary

The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams information from the federated systems. As a consequence, the Java Virtual Machine can't recover the memory used by those thread pools, which leads to an OutOfMemory exception when the Process Federation Server Global Teams REST API is used extensively. IBM X-Force ID: 177596.

References

▼	URL	Tags
	https://www.ibm.com/support/pages/node/6125403	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/177596	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

IBM

Process Federation Server

Version: 18.0.0.1
Version: 18.0.0.2
Version: 19.0.0.1
Version: 19.0.0.2
Version: 19.0.0.3

IBM

Automation Workstream Services in Cloud Pak for Automation

Version: 19.0.0.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T08:00:07.796Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.ibm.com/support/pages/node/6125403"
          },
          {
            "name": "ibm-icp4a-cve20204325-dos (177596)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177596"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Process Federation Server",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "18.0.0.1"
            },
            {
              "status": "affected",
              "version": "18.0.0.2"
            },
            {
              "status": "affected",
              "version": "19.0.0.1"
            },
            {
              "status": "affected",
              "version": "19.0.0.2"
            },
            {
              "status": "affected",
              "version": "19.0.0.3"
            }
          ]
        },
        {
          "product": "Automation Workstream Services in Cloud Pak for Automation",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "19.0.0.3"
            }
          ]
        }
      ],
      "datePublic": "2020-04-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams information from the federated systems. As a consequence, the Java Virtual Machine can\u0027t recover the memory used by those thread pools, which leads to an OutOfMemory exception when the Process Federation Server Global Teams REST API is used extensively. IBM X-Force ID: 177596."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 5.7,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/C:N/S:U/A:H/PR:L/I:N/AV:N/AC:L/UI:N/RC:C/E:U/RL:O",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-02T14:20:21",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.ibm.com/support/pages/node/6125403"
        },
        {
          "name": "ibm-icp4a-cve20204325-dos (177596)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177596"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2020-04-01T00:00:00",
          "ID": "CVE-2020-4325",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Process Federation Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "18.0.0.1"
                          },
                          {
                            "version_value": "18.0.0.2"
                          },
                          {
                            "version_value": "19.0.0.1"
                          },
                          {
                            "version_value": "19.0.0.2"
                          },
                          {
                            "version_value": "19.0.0.3"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Automation Workstream Services in Cloud Pak for Automation",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "19.0.0.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shutdown the thread pools that it creates to retrieve Global Teams information from the federated systems. As a consequence, the Java Virtual Machine can\u0027t recover the memory used by those thread pools, which leads to an OutOfMemory exception when the Process Federation Server Global Teams REST API is used extensively. IBM X-Force ID: 177596."
            }
          ]
        },
        "impact": {
          "cvssv3": {
            "BM": {
              "A": "H",
              "AC": "L",
              "AV": "N",
              "C": "N",
              "I": "N",
              "PR": "L",
              "S": "U",
              "UI": "N"
            },
            "TM": {
              "E": "U",
              "RC": "C",
              "RL": "O"
            }
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.ibm.com/support/pages/node/6125403",
              "refsource": "CONFIRM",
              "title": "IBM Security Bulletin 6125403 (Automation Workstream Services in Cloud Pak for Automation)",
              "url": "https://www.ibm.com/support/pages/node/6125403"
            },
            {
              "name": "ibm-icp4a-cve20204325-dos (177596)",
              "refsource": "XF",
              "title": "X-Force Vulnerability Report",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177596"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2020-4325",
    "datePublished": "2020-04-02T14:20:22.033047Z",
    "dateReserved": "2019-12-30T00:00:00",
    "dateUpdated": "2024-09-16T20:07:20.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted