{"id":2086,"date":"2025-04-28T22:33:17","date_gmt":"2025-04-28T22:33:17","guid":{"rendered":"http:\/\/localhost\/?p=2086"},"modified":"2025-04-28T22:33:17","modified_gmt":"2025-04-28T22:33:17","slug":"security-bulletin-ibm-technical-suppport-appliance-possible-security-flaw-in-dhcp-processing-that-ma","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=2086","title":{"rendered":"Security Bulletin: IBM Technical Suppport Appliance – possible security flaw in DHCP processing that may leak and disrupt network traffic"},"content":{"rendered":"
\n

Vulnerability Details<\/h2>\n
\n

Basic Information<\/h3>\n\n\n\n\n\n\n
Title<\/th>\nSecurity Bulletin: IBM Technical Suppport Appliance – possible security flaw in DHCP processing that may leak and disrupt network traffic<\/td>\n<\/tr>\n
Type<\/th>\nibm<\/td>\n<\/tr>\n
Published<\/th>\n2025-04-28T22:21:55<\/td>\n<\/tr>\n
Last Seen<\/th>\n2025-04-29T02:56:36<\/td>\n<\/tr>\n
CVSS Score<\/th>\n7.6 (HIGH)<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVSS v3 Details<\/h3>\n\n\n\n\n\n\n\n\n\n
Attack Vector<\/th>\nADJACENT<\/td>\n<\/tr>\n
Attack Complexity<\/th>\nLOW<\/td>\n<\/tr>\n
Privileges Required<\/th>\nNONE<\/td>\n<\/tr>\n
User Interaction<\/th>\nNONE<\/td>\n<\/tr>\n
Scope<\/th>\nUNCHANGED<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Integrity Impact<\/th>\nLOW<\/td>\n<\/tr>\n
Availability Impact<\/th>\nLOW<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVE Information<\/h3>\n\n\n\n\n
CVE IDs<\/th>\nCVE-2024-3661<\/td>\n<\/tr>\n
CWE<\/th>\n<\/td>\n<\/tr>\n
Bulletin Family<\/th>\nsoftware<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

Description<\/h3>\n
\n ## Summary<\/p>\n

A flaw in the network manager may cause network traffic to be read and possibly modified when it was expected that the network traffic was protected by a VPN.<\/p>\n

## Vulnerability Details<\/p>\n

**CVEID:**CVE-2024-3661
\n**DESCRIPTION:** DHCP can add routes to a client\u2019s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.
\n**CWE:**CWE-306: Missing Authentication for Critical Function
\n**CVSS Source:** NVD
\n**CVSS Base score:** 7.6
\n**CVSS Vector:**(CVSS:3.1\/AV:A\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:L\/A:L)<\/p>\n

## Affected Products and Versions<\/p>\n

Affected Product(s)| Version(s)
\n—|—
\nTechnical Support Appliance| All <\/p>\n

## Remediation\/Fixes<\/p>\n

Update the IBM Technical Support Appliance to 3.0.3. Refer to the online support documentation on how to perform an update.<\/p>\n

## Workarounds and Mitigations<\/p>\n

None<\/p>\n

##\n <\/p><\/div>\n<\/p><\/div>\n

\n

Impact Assessment<\/h3>\n\n\n\n
Base Score<\/th>\n7.6<\/td>\n<\/tr>\n
Severity<\/th>\nHIGH<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

View full CVE details<\/a><\/p>\n<\/p><\/div>\n<\/div>\n