CVE-2023-35897 - Vulnerability Details - OpenCVE

IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Ibm	Storage Protect Storage Protect Client

Configuration 1 [-]

OR	cpe:2.3:a:ibm:storage_protect:::::virtual_environments\:_data_protection_for_hyper-v:::*
	cpe:2.3:a:ibm:storage_protect:::::virtual_environments\:_data_protection_for_vmware:::*
	cpe:2.3:a:ibm:storage_protect_client::::::::

No data.

References

Link	Providers
https://exchange.xforce.ibmcloud.com/vulnerabilities/259246
https://www.ibm.com/support/pages/node/7037299

History

Thu, 19 Sep 2024 16:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2023-10-06T13:06:34.570Z

Updated: 2024-09-19T16:04:33.532Z

Reserved: 2023-06-20T02:24:14.840Z

Link: CVE-2023-35897

Vulnrichment

Updated: 2024-08-02T16:37:40.090Z

NVD

Status : Modified

Published: 2023-10-06T14:15:11.913

Modified: 2024-11-21T08:08:56.773

Link: CVE-2023-35897

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-35897", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2023-06-20T02:24:14.840Z", "datePublished": "2023-10-06T13:06:34.570Z", "dateUpdated": "2024-09-19T16:04:33.532Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Storage Protect Client", "vendor": "IBM", "versions": [{"lessThanOrEqual": "8.1.19.0", "status": "affected", "version": "8.1.0.0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Storage Protect for Virtual Environments", "vendor": "IBM", "versions": [{"lessThanOrEqual": "8.1.19.0", "status": "affected", "version": "8.1.0.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246."}], "value": "IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2023-10-06T13:06:34.570Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://www.ibm.com/support/pages/node/7037299"}, {"tags": ["vdb-entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/259246"}], "source": {"discovery": "UNKNOWN"}, "title": "IBM Spectrum Protect code execution", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:37:40.090Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://www.ibm.com/support/pages/node/7037299"}, {"tags": ["vdb-entry", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/259246"}]}, {"affected": [{"vendor": "ibm", "product": "storage_protect_client", "cpes": ["cpe:2.3:a:ibm:storage_protect_client:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "8.1.0.0", "status": "affected", "lessThanOrEqual": "8.1.19.0", "versionType": "custom"}]}, {"vendor": "ibm", "product": "storage_protect", "cpes": ["cpe:2.3:a:ibm:storage_protect:*:*:*:*:virtual_environments\\:_data_protection_for_hyper-v:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "8.1.0.0", "status": "affected", "lessThanOrEqual": "8.1.19.0", "versionType": "custom"}]}, {"vendor": "ibm", "product": "storage_protect", "cpes": ["cpe:2.3:a:ibm:storage_protect:*:*:*:*:virtual_environments\\:_data_protection_for_vmware:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "8.1.0.0", "status": "affected", "lessThanOrEqual": "8.1.19.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-19T15:59:21.561364Z", "id": "CVE-2023-35897", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-19T16:04:33.532Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.ibm.com/support/pages/node/7037299", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/259246", "tags": ["vdb-entry", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:37:40.090Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-35897", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-19T15:59:21.561364Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:ibm:storage_protect_client:*:*:*:*:*:*:*:*"], "vendor": "ibm", "product": "storage_protect_client", "versions": [{"status": "affected", "version": "8.1.0.0", "versionType": "custom", "lessThanOrEqual": "8.1.19.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:ibm:storage_protect:*:*:*:*:virtual_environments\\:_data_protection_for_hyper-v:*:*:*"], "vendor": "ibm", "product": "storage_protect", "versions": [{"status": "affected", "version": "8.1.0.0", "versionType": "custom", "lessThanOrEqual": "8.1.19.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:ibm:storage_protect:*:*:*:*:virtual_environments\\:_data_protection_for_vmware:*:*:*"], "vendor": "ibm", "product": "storage_protect", "versions": [{"status": "affected", "version": "8.1.0.0", "versionType": "custom", "lessThanOrEqual": "8.1.19.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-19T16:04:27.979Z"}}], "cna": {"title": "IBM Spectrum Protect code execution", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "IBM", "product": "Storage Protect Client", "versions": [{"status": "affected", "version": "8.1.0.0", "versionType": "semver", "lessThanOrEqual": "8.1.19.0"}], "defaultStatus": "unaffected"}, {"vendor": "IBM", "product": "Storage Protect for Virtual Environments", "versions": [{"status": "affected", "version": "8.1.0.0", "versionType": "semver", "lessThanOrEqual": "8.1.19.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.ibm.com/support/pages/node/7037299", "tags": ["vendor-advisory"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/259246", "tags": ["vdb-entry"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246.", "supportingMedia": [{"type": "text/html", "value": "IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2023-10-06T13:06:34.570Z"}}}, "cveMetadata": {"cveId": "CVE-2023-35897", "state": "PUBLISHED", "dateUpdated": "2024-09-19T16:04:33.532Z", "dateReserved": "2023-06-20T02:24:14.840Z", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "datePublished": "2023-10-06T13:06:34.570Z", "assignerShortName": "ibm"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:storage_protect:*:*:*:*:virtual_environments\\:_data_protection_for_hyper-v:*:*:*", "matchCriteriaId": "67B96354-0D66-477B-B7EA-15FCACF83B3D", "versionEndIncluding": "8.1.19.0", "versionStartIncluding": "8.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:storage_protect:*:*:*:*:virtual_environments\\:_data_protection_for_vmware:*:*:*", "matchCriteriaId": "8D7B9A95-822F-4766-B098-3183AF0381E1", "versionEndIncluding": "8.1.19.0", "versionStartIncluding": "8.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:storage_protect_client:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CB5C2C0-02C8-4BF6-B52A-EA1A804F68A6", "versionEndIncluding": "8.1.19.0", "versionStartIncluding": "8.1.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246."}, {"lang": "es", "value": "IBM Spectrum Protect Client e IBM Storage Protect for Virtual Environments 8.1.0.0 a 8.1.19.0 podr\u00edan permitir a un usuario local ejecutar c\u00f3digo arbitrario en el sistema utilizando un archivo especialmente manipulado, causado por una falla de secuestro de DLL. ID de IBM X-Force: 259246."}], "id": "CVE-2023-35897", "lastModified": "2024-11-21T08:08:56.773", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "psirt@us.ibm.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-06T14:15:11.913", "references": [{"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/259246"}, {"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/7037299"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/259246"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/7037299"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "psirt@us.ibm.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-427"}], "source": "nvd@nist.gov", "type": "Primary"}]}