IBM Security Access Manager Container information disclosure

Vulnerability

IBM Security Access Manager Container (IBM Security Verify Access Appliance and Docker) versions 10.0.0.0 through 10.0.6.1 temporarily stores sensitive information in files that could be accessed by a local user [1]. This vulnerability (CVE-2023-31002) is distinct from the similar issue CVE-2023-31001, which also involves temporary storage of sensitive data but with a slightly different attack vector [1]. The affected components include both the Appliance and Docker deployments within the specified version range.

Exploitation

A local user on the system where the container is running can access the temporary files containing sensitive information [1]. The attack requires local access (AV:L) and no special privileges (PR:N), but the attack complexity is high (AC:H) because it depends on precise timing or conditions to access the files while they exist [1]. No user interaction is required beyond having local access to the system.

Impact

Successful exploitation leads to confidentiality impact (high) as the attacker can read sensitive information (e.g., credentials, tokens, or other secrets) that were temporarily stored by the IBM Security Access Manager Container [1]. There is no integrity or availability impact from this specific vulnerability; the attacker only gains read access to the sensitive data.

Mitigation

IBM has addressed this vulnerability in IBM Security Verify Access updates [1]. The fix is included in the Security Bulletin (page/node/7106586) as part of a cumulative update that resolves multiple vulnerabilities. Users should upgrade to a patched version (beyond 10.0.6.1) as detailed in the IBM support page. No workarounds were disclosed in the available reference; applying the latest update is the recommended mitigation.