-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.1814
IBM Integration Bus affected by Apache Tomcat vulnerability CVE-2018-11784
                                21 May 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          Apache Tomcat
Publisher:        IBM
Operating System: AIX
                  HP-UX
                  Linux variants
                  Solaris
                  Windows
Impact/Access:    Provide Misleading Information -- Remote with User Interaction
Resolution:       Patch/Upgrade
CVE Names:        CVE-2018-11784  

Reference:        ASB-2019.0128
                  ASB-2019.0122
                  ASB-2019.0117
                  ASB-2019.0110

- --------------------------BEGIN INCLUDED TEXT--------------------

  Security Bulletin: IBM Integration Bus affected by Apache Tomcat (core only)
                          vulnerability CVE-2018-11784

  Document information

   More support for: IBM Integration Bus

   Software version: All Versions

   Operating system(s): AIX, HP-UX, Linux, Solaris, Windows

   Reference #: 0794487

   Modified date: 20 May 2019

Security Bulletin

Summary

   IBM Integration Bus is affected by an Apache Tomcat vulnerability which
   was reported and has been addressed. Vulnerability details are listed
   below.

Vulnerability Details

   CVEID: CVE-2018-11784
   DESCRIPTION: Apache Tomcat could allow a remote attacker to conduct
   phishing attacks, caused by an open redirect vulnerability in the default
   servlet. An attacker could exploit this vulnerability using a
   specially-crafted URL to redirect a victim to arbitrary Web sites.
   CVSS Base Score: 7.4
   CVSS Temporal Score: See
   https://exchange.xforce.ibmcloud.com/vulnerabilities/150860 for the
   current score
   CVSS Environmental Score*: Undefined
   CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)


Affected Products and Versions

   IBM Integration Bus V10.0.0.0 - V10.0.0.14
   IBM Integration Bus V9.0.0.0 - V9.0.0.11

   WebSphere Message Broker V8.0.0.0 - V8.0.0.9

Remediation/Fixes

   +------------------------------------------------------------------------+
   |Product          |VRMF       |APAR   |Remediation/Fixes                 |
   |-----------------+-----------+-------+----------------------------------|
   |IBM Integration  |V10.0.0.0 -|IT26898|The APAR is available in fix pack |
   |Bus              |V10.0.0.14 |       |10.0.0.15: IBM Integration Bus    |
   |                 |           |       |V10.0 - Fix Pack 10.0.0.15 [1]    |
   |-----------------+-----------+-------+----------------------------------|
   |IBM Integration  |V9.0.0.0 - |IT26898|Interim fix for APAR IT26898 is   |
   |Bus              |V9.0.0.11  |       |available from IBM Fix Central [2]|
   |-----------------+-----------+-------+----------------------------------|
   |WebSphere Message|V8.0.0.0 - |IT26898|Interim fix for APAR IT26898 is   |
   |Broker           |V8.0.0.9   |       |available from IBM Fix Central [3]|
   +------------------------------------------------------------------------+


[1] https://www-01.ibm.com/support/docview.wss?uid=ibm10744771
[2] https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/Integration+Bus&release=9.0.0.11&platform=All&function=aparId&apars=IT26898
[3] https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/WebSphere+Message+Broker&release=8.0.0.9&platform=All&function=aparId&apars=IT26898

Change History

   09th January 2018

   *The CVSS Environment Score is customer environment specific and will
   ultimately impact the Overall CVSS Score. Customers can evaluate the
   impact of this vulnerability in their environments by accessing the links
   in the Reference section of this Security Bulletin.

Disclaimer

   According to the Forum of Incident Response and Security Teams (FIRST),
   the Common Vulnerability Scoring System (CVSS) is an "industry open
   standard designed to convey vulnerability severity and help to determine
   urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS"
   WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF
   MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE
   RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY
   VULNERABILITY.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----