Vulnerability Name:

CVE-2022-24823 (CCN-225922)

Assigned: 2022-05-06
Published: 2022-05-06
Updated: 2022-12-03
Summary: Netty could allow a local authenticated attacker to obtain sensitive information, caused by a flaw when temporarily storing uploads on disk is enabled. By gaining access to the local system temporary directory, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVSS v3 Severity: 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): None
Availability (A): None
5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): None
Availability (A): None
CVSS v2 Severity: 1.9 Low (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:N/A:N)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics: Confidentiality (C): Complete
Integrity (I): None
Availability (A): None
Vulnerability Consequences: Obtain Information
References:
Source: MITRE
Type: CNA
CVE-2022-24823

Source: XF
Type: UNKNOWN
netty-cve202224823-info-disc(225922)

Source: security-advisories@github.com
Type: Patch, Third Party Advisory
security-advisories@github.com

Source: CCN
Type: Netty GIT Repository
Local Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files for Java 6 and lower in io.netty:netty-codec-http

Source: security-advisories@github.com
Type: Exploit, Mitigation, Third Party Advisory
security-advisories@github.com

Source: security-advisories@github.com
Type: Exploit, Mitigation, Third Party Advisory
security-advisories@github.com

Source: security-advisories@github.com
Type: Third Party Advisory
security-advisories@github.com

Source: CCN
Type: IBM Security Bulletin 6594755 (Tivoli Netcool/OMNIbus)
IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library is affected by vulnerability in Netty (CVE-2022-24823)

Source: CCN
Type: IBM Security Bulletin 6616333 (Watson Assistant for Cloud Pak for data)
IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Netty information disclosure (CVE-2022-24823)

Source: CCN
Type: IBM Security Bulletin 6825139 (QRadar User Behavior Analytics)
Multiple vulnerabilities in Zookeeper affecting IBM QRadar User Behavior Analytics (CVE-2022-2191, CVE-2022-2047, CVE-2022-2048, CVE-2022-24823, CVE-2020-36518)

Source: CCN
Type: IBM Security Bulletin 6831799 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6842123 (Operations Analytics Predictive Insights)
Multiple vulnerabilities in Netty libraries affect IBM Operations Analytics Predictive Insights (CVE-2021-43797 CVE-2022-24823)

Source: CCN
Type: IBM Security Bulletin 6852613 (Tivoli Network Manager)
Multiple Vulnerabilities discovered in libraries used by Apache Zookeeper that is included in ITNM (CVE-2020-36518, CVE-2022-2047, CVE-2022-2048, CVE-2022-24823)

Source: CCN
Type: IBM Security Bulletin 6890673 (Voice Gateway)
Multiple Vulnerabilities in Java packages affect IBM Voice Gateway

Source: CCN
Type: IBM Security Bulletin 6956539 (MobileFirst Platform Foundation)
Multiple vulnerabilities found with third-party libraries used by IBM MobileFirst Platform

Source: CCN
Type: IBM Security Bulletin 6967333 (QRadar SIEM)
IBM QRadar SIEM includes components with known vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6980407 (Sterling Order Management)
Netty Vulnerabilities 4.0.37

Source: CCN
Type: IBM Security Bulletin 6984171 (Cloud Pak for Network Automation)
IBM Cloud Pak for Network Automation 2.4.5 addresses multiple security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6995211 (Cloud Pak for Security)
IBM Cloud Pak for Security includes components with multiple known vulnerabilities (CVE-2022-25901, CVE-2022-24823)

Source: CCN
Type: IBM Security Bulletin 7001867 (Cloud Pak for Security)
IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Source: CCN
Type: IBM Security Bulletin 7007837 (Cloud Pak for Watson AIOps)
Multiple Vulnerabilities in CloudPak for Watson AIOPs

Source: CCN
Type: Oracle CPUJul2022
Oracle Critical Patch Update Advisory - July 2022

Source: security-advisories@github.com
Type: Patch, Third Party Advisory
security-advisories@github.com

Vulnerable Configuration:
Configuration CCN 1:
  • cpe:/a:ibm:tivoli_netcool/omnibus:8.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:operations_analytics_predictive_insights:1.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_transformation_advisor:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:mobilefirst_platform_foundation:8.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*

  * Denotes that component is vulnerable

Oval Definitions:
Definition ID                        | Class | Title                                                  | Last Modified
oval:org.opensuse.security:def:8135  | P     | Security update for netty, netty-tcnative (Important)  | 2023-06-21
oval:org.opensuse.security:def:8155  | P     | Security update for netty, netty-tcnative (Important)  | 2023-06-21