{"id":2091,"date":"2025-04-28T22:33:28","date_gmt":"2025-04-28T22:33:28","guid":{"rendered":"http:\/\/localhost\/?p=2091"},"modified":"2025-04-28T22:33:28","modified_gmt":"2025-04-28T22:33:28","slug":"security-bulletin-ibm-spectrum-symphony-with-nodejs-various-security-issues","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=2091","title":{"rendered":"Security Bulletin: IBM Spectrum Symphony with Node.js various security issues"},"content":{"rendered":"
\n

Vulnerability Details<\/h2>\n
\n

Basic Information<\/h3>\n\n\n\n\n\n\n
Title<\/th>\nSecurity Bulletin: IBM Spectrum Symphony with Node.js various security issues<\/td>\n<\/tr>\n
Type<\/th>\nibm<\/td>\n<\/tr>\n
Published<\/th>\n2025-04-28T20:41:23<\/td>\n<\/tr>\n
Last Seen<\/th>\n2025-04-29T02:56:35<\/td>\n<\/tr>\n
CVSS Score<\/th>\n7.7 (HIGH)<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVSS v3 Details<\/h3>\n\n\n\n\n\n\n\n\n\n
Attack Vector<\/th>\nLOCAL<\/td>\n<\/tr>\n
Attack Complexity<\/th>\nLOW<\/td>\n<\/tr>\n
Privileges Required<\/th>\nNONE<\/td>\n<\/tr>\n
User Interaction<\/th>\nNONE<\/td>\n<\/tr>\n
Scope<\/th>\nUNCHANGED<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Integrity Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Availability Impact<\/th>\nNONE<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVE Information<\/h3>\n\n\n\n\n
CVE IDs<\/th>\nCVE-2023-23919, CVE-2023-23920, CVE-2023-30581, CVE-2023-30584, CVE-2023-30587, CVE-2023-30588<\/td>\n<\/tr>\n
CWE<\/th>\n<\/td>\n<\/tr>\n
Bulletin Family<\/th>\nsoftware<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

Description<\/h3>\n
\n ## Summary<\/p>\n

IBM Spectrum Symphony with Node.js various security issues<\/p>\n

## Vulnerability Details<\/p>\n

**CVEID:**CVE-2023-23920
\n**DESCRIPTION:** Node.js could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By sending a specially-crafted request using ICU_DATA environment variable, an attacker could exploit this vulnerability to search and potentially load ICU data.
\nCVSS Base score: 2.7
\nCVSS Temporal Score: See: https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/247694 for the current score.
\nCVSS Vector: (CVSS:3.0\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:N\/I:L\/A:N) <\/p>\n

**CVEID:**CVE-2023-30581
\n**DESCRIPTION:** Node.js could allow a remote attacker to bypass security restrictions, caused by the use of proto in process.mainModule.proto.require(). By sending a specially crafted request, an attacker could exploit this vulnerability to bypass experimental policy mechanism.
\nCVSS Base score: 7.5
\nCVSS Temporal Score: See: https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/258615 for the current score.
\nCVSS Vector: (CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:H\/A:N) <\/p>\n

**CVEID:**CVE-2023-30587
\n**DESCRIPTION:** Node.js could allow a remote attacker to bypass security restrictions. By exploiting the Worker class’s ability to create an “internal worker” with the kIsInternal Symbol, an attacker could exploit this vulnerability to modify the isInternal value when an inspector is attached within the Worker constructor before initializing a new WorkerImpl.
\nCVSS Base score: 7.5
\nCVSS Temporal Score: See: https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/258618 for the current score.
\nCVSS Vector: (CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:H\/A:N) <\/p>\n

**CVEID:**CVE-2023-23919
\n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by not clear the OpenSSL error stack after operations. By sending specially-crafted cryptographic operations, a remote attacker could exploit this vulnerability to cause a denial of service condition.
\nCVSS Base score: 5.9
\nCVSS Temporal Score: See: https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/247697 for the current score.
\nCVSS Vector: (CVSS:3.0\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H) <\/p>\n

**CVEID:**CVE-2023-30588
\n**DESCRIPTION:** Node.js is vulnerable to a denial of service, caused by invalid public key information in x509 certificates. By accessing public key info of provided certificates from user code, an attacker could exploit this vulnerability to force interruptions of application processing and cause a denial of service.
\nCVSS Base score: 5.3
\nCVSS Temporal Score: See: https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/258623 for the current score.
\nCVSS Vector: (CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:L) <\/p>\n

**CVEID:**CVE-2023-30584
\n**DESCRIPTION:** Node.js could allow a remote attacker to bypass security restrictions, caused by a path traversal bypass when verifying file permissions. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the experimental permission model.
\nCVSS Base score: 7.5
\nCVSS Temporal Score: See: https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/258617 for the current score.
\nCVSS Vector: (CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:H\/A:N) <\/p>\n

**IBM X-Force ID:** 259772
\n**DESCRIPTION:** Node.js could allow a remote attacker to bypass security restrictions, caused by the failure to respect whether the relevant directories use case-insensitive path processing by process.permission.deny(). By using case-insensitive paths and changing capitalization, an attacker could exploit this vulnerability to bypass permission model restrictions.
\nCVSS Base score: 6.5
\nCVSS Temporal Score: See: https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/259772 for the current score.
\nCVSS Vector: (CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:N) <\/p>\n

**IBM X-Force ID:** 256137
\n**DESCRIPTION:** FasterXML Jackson Core is vulnerable to a denial of service, caused by improper input validation by the StreamReadConstraints value field. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash.
\nCVSS Base score: 5.3
\nCVSS Temporal Score: See: https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/256137 for the current score.
\nCVSS Vector: (CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:L) <\/p>\n

**IBM X-Force ID:** 259087
\n**DESCRIPTION:** Node.js @strapi\/plugin-users-permissions module could allow a remote attacker to bypass security restrictions, caused by using the AWS Cognito login provider’s None signing algorithm during the OAuth flow. An attacker could exploit this vulnerability to bypass authentication.
\nCVSS Base score: 8.2
\nCVSS Temporal Score: See: https:\/\/exchange.xforce.ibmcloud.com\/vulnerabilities\/259087 for the current score.
\nCVSS Vector: (CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:L\/A:N)<\/p>\n

## Affected Products and Versions<\/p>\n

Affected Product(s)| Version(s)
\n—|—
\nIBM Spectrum Symphony| IBM Spectrum Symphony 7.3.2 <\/p>\n

## Remediation\/Fixes<\/p>\n

IBM strongly suggests the following remediation or fix:<\/p>\n

Upgrade to the latest versions of IBM Spectrum Symphony FP2 (**IBM Spectrum Symphony 7.3.2 with Fix 601711)**. <\/p>\n

## Workarounds and Mitigations<\/p>\n

None<\/p>\n

##\n <\/p><\/div>\n<\/p><\/div>\n

\n

Impact Assessment<\/h3>\n\n\n\n
Base Score<\/th>\n7.7<\/td>\n<\/tr>\n
Severity<\/th>\nHIGH<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

View full CVE details<\/a><\/p>\n<\/p><\/div>\n<\/div>\n