ESB-2018.2931 - [Linux] IBM Security Guardium: Multiple vulnerabilities - 2018-09-28


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.2931
  Multiple vulnerabilities have been identified in IBM Security Guardium
                             28 September 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Security Guardium
Publisher:         IBM
Operating System:  Linux variants
Impact/Access:     Root Compromise                 -- Remote/Unauthenticated
                   Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Access Privileged Data          -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Reduced Security                -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-12539 CVE-2018-11776 CVE-2018-2973
                   CVE-2018-2964 CVE-2018-2952 CVE-2018-2940
                   CVE-2018-1656 CVE-2018-1517 CVE-2018-1501
                   CVE-2018-1498 CVE-2017-8039 CVE-2017-4971
                   CVE-2017-3736 CVE-2017-3732 CVE-2017-1272
                   CVE-2016-9878 CVE-2016-0705 CVE-2015-8100
                   CVE-2015-5621 CVE-2014-3565 

Reference:         ASB-2018.0201
                   ASB-2018.0197
                   ASB-2018.0174
                   ASB-2018.0170
                   ESB-2015.2559
                   ESB-2015.2517
                   ESB-2015.2141
                   ESB-2015.1930

Original Bulletin: 
   http://www.ibm.com/support/docview.wss?uid=ibm10732785
   http://www.ibm.com/support/docview.wss?uid=ibm10730323
   http://www.ibm.com/support/docview.wss?uid=ibm10730317
   http://www.ibm.com/support/docview.wss?uid=ibm10732783
   http://www.ibm.com/support/docview.wss?uid=ibm10731655
   http://www.ibm.com/support/docview.wss?uid=ibm10730329
   http://www.ibm.com/support/docview.wss?uid=ibm10730313

Comment: This bulletin contains seven (7) IBM security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security
Guardium

Security Bulletin

Document information

More support for: IBM Security Guardium

Software version: 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, 10.5

Operating system(s): Linux

Reference #: 0732785

Modified date: 27 September 2018

Summary

There are multiple vulnerabilities in IBM(R) SDK Java(TM) Technology Edition,
Version 6 used by IBM Security Guardium. These issues were disclosed as part of
the IBM Java SDK updates in July 2018.

Vulnerability Details

CVEID: CVE-2017-3736
DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive
information, caused by a carry propagation flaw in the x86_64 Montgomery
squaring function bn_sqrx8x_internal(). An attacker with online access to an
unpatched system could exploit this vulnerability to obtain information about
the private key.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
134397 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2017-3732
DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive
information, caused by a carry propagating bug in the x86_64 Montgomery
squaring procedure. An attacker could exploit this vulnerability to obtain
information about the private key.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
121313 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2016-0705
DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a
double-free error when parsing DSA private keys. An attacker could exploit this
vulnerability to corrupt memory and cause a denial of service.
CVSS Base Score: 3.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
111140 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-1517
DESCRIPTION: A flaw in the java.math component in IBM SDK, Java Technology
Edition may allow an attacker to inflict a denial-of-service attack with
specially crafted String data.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
141681 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2018-1656
DESCRIPTION: The IBM Java Runtime Environment's Diagnostic Tooling Framework
for Java (DTFJ) does not protect against path traversal attacks when extracting
compressed dump files.
CVSS Base Score: 7.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
144882 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)
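As an added example (not IBM's code and not the DTFJ API mentioned above), the check an archive extractor needs to avoid the path-traversal class of bug behind CVE-2018-1656: each member name is resolved against the destination directory before anything is written, and the archive is rejected as a whole if any member would land outside it. The function names, the exception class and the two constructed sample archives are assumptions for the illustration.

```python
"""Safe extraction of a zip archive, refusing entries that would escape the
destination directory. Added example for the DTFJ bug class described above;
not IBM's code and not the DTFJ API."""
import io
import tempfile
import zipfile
from pathlib import Path


class UnsafeArchiveEntry(ValueError):
    """Raised when an archive member would be written outside the target dir."""


def resolve_member(dest: Path, member_name: str) -> Path:
    """Return the absolute path a member would be written to, or raise if that
    path is outside `dest`. Catches '..' segments, absolute member names and
    backslash separators, all of which a naive join would happily accept."""
    dest = dest.resolve()
    # Treat Windows-style separators as path separators, not as part of a name.
    normalised = member_name.replace("\\", "/")
    # resolve() collapses '..' even though the target does not exist yet.
    candidate = (dest / normalised).resolve()
    if candidate != dest and dest not in candidate.parents:
        raise UnsafeArchiveEntry(f"entry {member_name!r} escapes {dest}")
    return candidate


def extract_safely(archive_bytes: bytes, dest: Path) -> list:
    """Extract every member of a zip into dest, validating all target paths
    *before* writing anything, so a bad entry late in the archive cannot
    leave a half-extracted dump behind. Returns the relative paths written."""
    written = []
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        targets = [(info, resolve_member(dest, info.filename))
                   for info in zf.infolist()]
        for info, target in targets:
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(str(target.relative_to(dest.resolve())))
    return written


def build_archive(entries: dict) -> bytes:
    """Build a zip in memory from {member_name: content} (constructed data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()


# Constructed sample archives: a benign dump bundle, and one whose second
# member name climbs out of the extraction directory.
BENIGN = build_archive({"core.dmp": b"dump", "logs/javacore.txt": b"log"})
HOSTILE = build_archive({"core.dmp": b"dump", "../../outside.txt": b"x"})


def demo(archive_bytes: bytes) -> list:
    """Extract into a fresh temp dir; return the names written, or
    ['REJECTED'] when the archive fails validation."""
    with tempfile.TemporaryDirectory() as tmp:
        try:
            return extract_safely(archive_bytes, Path(tmp) / "out")
        except UnsafeArchiveEntry:
            return ["REJECTED"]


if __name__ == "__main__":
    print(demo(BENIGN))   # ['core.dmp', 'logs/javacore.txt']
    print(demo(HOSTILE))  # ['REJECTED']
```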

CVEID: CVE-2018-2964
DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java
SE Deployment component could allow an unauthenticated attacker to take control
of the system.
CVSS Base Score: 8.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
146827 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)

CVEID: CVE-2018-2973
DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java
SE, Java SE Embedded JSSE component could allow an unauthenticated attacker to
cause a high integrity impact, with no confidentiality impact and no
availability impact.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
146835 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID: CVE-2018-2952
DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java
SE, Java SE Embedded, JRockit Concurrency component could allow an
unauthenticated attacker to cause a denial of service resulting in a low
availability impact using unknown attack vectors.
CVSS Base Score: 3.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
146815 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-2940
DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the Java
SE, Java SE Embedded Libraries component could allow an unauthenticated
attacker to obtain sensitive information resulting in a low confidentiality
impact using unknown attack vectors.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
146803 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)

CVEID: CVE-2018-12539
DESCRIPTION: Eclipse OpenJ9 could allow a local attacker to gain elevated
privileges on the system, caused by the failure to restrict the use of Java
Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and
use Attach API operations to only the process owner. An attacker could exploit
this vulnerability to execute untrusted native code and gain elevated
privileges on the system.
CVSS Base Score: 8.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
148389 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

IBM Security Guardium V10.0 - 10.5

Remediation/Fixes

+--------------------+--------------+----------------------------------------------------------------------------------------+
|Product             |VRMF          |Remediation/First Fix                                                                   |
+--------------------+--------------+----------------------------------------------------------------------------------------+
|IBM Security        |10.0 - 10.5   |https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=                     |
|Guardium            |              |ibm%2FInformation+Management%2FInfoSphere+Guardium&fixids=                              |
|                    |              |SqlGuard_10.0p512_Sep-24-2018&source=SAR&function=fixId&parent=IBM%20Security           |
+--------------------+--------------+----------------------------------------------------------------------------------------+

Workarounds and Mitigations

None

Change History

Sep 26, 2018: Original Version Published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF
ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- --------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by a Missing Security
Control vulnerability

Security Bulletin

Document information

More support for: IBM Security Guardium

Software version: 10.5

Operating system(s): Linux

Reference #: 0730323

Modified date: 27 September 2018

Summary

IBM Security Guardium has addressed the following vulnerability.

Vulnerability Details

CVEID: CVE-2018-1501
DESCRIPTION: IBM Security Guardium EcoSystem could allow an unauthorized user
to obtain sensitive information due to missing security controls.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
141226 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)


Affected Products and Versions

+--------------------------------------------------------------------+--------------------------+
|                   Affected IBM Security Guardium                   |    Affected Versions     |
+--------------------------------------------------------------------+--------------------------+
|IBM Security Guardium                                               |10.5                      |
+--------------------------------------------------------------------+--------------------------+


Remediation/Fixes

+---------------------+---------------+--------------------------------------------------+
|       Product       |     VRMF      |             Remediation / First Fix              |
+---------------------+---------------+--------------------------------------------------+
|                     |               |https://www-945.ibm.com/support/fixcentral/swg/   |
|                     |               |selectFixes?product=                              |
|IBM Security Guardium|10.5           |ibm%2FInformation+Management%2FInfoSphere+Guardium|
|                     |               |&fixids=SqlGuard_10.0p512_Sep-24-2018&source=SAR& |
|                     |               |function=fixId&parent=IBM%20Security              |
+---------------------+---------------+--------------------------------------------------+

Workarounds and Mitigations

None

Acknowledgement

IBM X-Force Ethical Hacking Team: Warren Moynihan, Jonathan Fitz-Gerald, John
Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza

Change History

Sep 27, 2018: Original version published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

- --------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by a Password in Clear
Text vulnerability

Document information

More support for: IBM Security Guardium

Software version: 10.5

Operating system(s): Linux

Reference #: 0730317

Modified date: 27 September 2018

Security Bulletin

Summary

IBM Security Guardium has addressed the following vulnerability.

Vulnerability Details

CVEID: CVE-2018-1498
DESCRIPTION: IBM Security Guardium EcoSystem stores user credentials in clear
text, which can be read by a local user.
CVSS Base Score: 6.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
141223 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

+--------------------------------------------+-----------------+
|       Affected IBM Security Guardium       |Affected Versions|
+--------------------------------------------+-----------------+
|IBM Security Guardium                       |10.5             |
+--------------------------------------------+-----------------+

Remediation/Fixes

+---------------------+---------------+--------------------------------------------------+
|       Product       |     VRMF      |             Remediation / First Fix              |
+---------------------+---------------+--------------------------------------------------+
|                     |               |https://www-945.ibm.com/support/fixcentral/swg/   |
|                     |               |selectFixes?product=                              |
|IBM Security Guardium|10.5           |ibm%2FInformation+Management%2FInfoSphere+Guardium|
|                     |               |&fixids=SqlGuard_10.0p512_Sep-24-2018&source=SAR& |
|                     |               |function=fixId&parent=IBM%20Security              |
+---------------------+---------------+--------------------------------------------------+

Workarounds and Mitigations

None

Acknowledgement

IBM X-Force Ethical Hacking Team: Warren Moynihan, Jonathan Fitz-Gerald, John
Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza

Change History

Sep 27, 2018: Original version published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

- --------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by a Publicly disclosed
Apache Struts vulnerability

Security Bulletin

Document information

More support for: IBM Security Guardium

Software version: 10.1.4, 10.5

Operating system(s): Linux

Reference #: 0732783

Modified date: 27 September 2018

Summary

IBM Security Guardium has addressed the following vulnerability.

Vulnerability Details

CVEID: CVE-2018-11776
DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary
code on the system, caused by an error when using results with no namespace and
its upper action configurations have no wildcard namespace. An attacker could
exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
148694 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

+---------------------------------+-----------------+
| Affected IBM Security Guardium  |Affected Versions|
+---------------------------------+-----------------+
|IBM Security Guardium            |10.1.4-10.5      |
+---------------------------------+-----------------+

Remediation/Fixes


+---------------------+---------------+--------------------------------------------------+
|       Product       |     VRMF      |             Remediation / First Fix              |
+---------------------+---------------+--------------------------------------------------+
|                     |               |https://www-945.ibm.com/support/fixcentral/swg/   |
|                     |               |selectFixes?product=                              |
|IBM Security Guardium|10.1.4         |ibm%2FInformation+Management%2FInfoSphere+Guardium|
|                     |               |&fixids=                                          |
|                     |               |SqlGuard_10.0p413_Apache-Struts-Vulnerability-Fix&|
|                     |               |source=SAR&function=fixId&parent=IBM%20Security   |
+---------------------+---------------+--------------------------------------------------+
|                     |               |https://www-945.ibm.com/support/fixcentral/swg/   |
|                     |               |selectFixes?product=                              |
|IBM Security Guardium|10.5           |ibm%2FInformation+Management%2FInfoSphere+Guardium|
|                     |               |&fixids=SqlGuard_10.0p512_Sep-24-2018&source=SAR& |
|                     |               |function=fixId&parent=IBM%20Security              |
+---------------------+---------------+--------------------------------------------------+

Workarounds and Mitigations

None


Change History

Sep 26, 2018: Original Version Published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

- --------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by a Query Parameter in
SSL Request vulnerability

Document information

More support for: IBM Security Guardium

Software version: 10.0 - 10.5

Operating system(s): Linux

Reference #: 0731655

Modified date: 27 September 2018

Security Bulletin

Summary

IBM Security Guardium has addressed the following vulnerability.

Vulnerability Details

CVEID: CVE-2017-1272
DESCRIPTION: IBM Security Guardium stores sensitive information in URL
parameters. This may lead to information disclosure if unauthorized parties
have access to the URLs via server logs, referrer header or browser history.
CVSS Base Score: 3.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
124747 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

+--------------------------------------------+-----------------+
|       Affected IBM Security Guardium       |Affected Versions|
+--------------------------------------------+-----------------+
|IBM Security Guardium                       |10.0 - 10.5      |
+--------------------------------------------+-----------------+

Remediation/Fixes

+---------------------+---------------+--------------------------------------------------+
|       Product       |     VRMF      |             Remediation / First Fix              |
+---------------------+---------------+--------------------------------------------------+
|                     |               |https://www-945.ibm.com/support/fixcentral/swg/   |
|                     |               |selectFixes?product=                              |
|IBM Security Guardium|10.0 - 10.5    |ibm%2FInformation+Management%2FInfoSphere+Guardium|
|                     |               |&fixids=SqlGuard_10.0p512_Sep-24-2018&source=SAR& |
|                     |               |function=fixId&parent=IBM%20Security              |
+---------------------+---------------+--------------------------------------------------+

Workarounds and Mitigations

None

Acknowledgement

IBM X-Force Ethical Hacking Team: Warren Moynihan, Jonathan Fitz-Gerald, John
Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza

Change History

Sep 27, 2018: Original version published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

- --------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by multiple Using Components
with Known Vulnerabilities vulnerabilities

Document information

More support for: IBM Security Guardium

Software version: 10.5

Operating system(s): Linux

Reference #: 0730329

Modified date: 27 September 2018

Security Bulletin

Summary

IBM Security Guardium has addressed the following vulnerabilities.

Vulnerability Details

CVEID: CVE-2015-8100
DESCRIPTION: OpenBSD could allow a local attacker to obtain sensitive
information, caused by the use of 0644 permissions for snmpd.conf by the
net-snmp package. By reading the file, an attacker could exploit this
vulnerability to obtain sensitive information.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
107941 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2015-5621
DESCRIPTION: Net-SNMP is vulnerable to a denial of service, caused by
incompletely parsed varBind variables being left in the list of variables by
the snmp_pdu_parse() function. A remote attacker could exploit this
vulnerability to cause the application to crash or possibly execute arbitrary
code on the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
105232 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2014-3565
DESCRIPTION: Net-SNMP is vulnerable to a denial of service, caused by the
improper handling of SNMP traps when started with the "-OQ" option. By sending
an SNMP trap message containing a variable with a NULL type, a remote attacker
could exploit this vulnerability to cause snmptrapd to crash.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
95638 for the current score

Affected Products and Versions

+--------------------------------------------+-----------------+
|       Affected IBM Security Guardium       |Affected Versions|
+--------------------------------------------+-----------------+
|IBM Security Guardium                       |10.5             |
+--------------------------------------------+-----------------+

Remediation/Fixes

+---------------------+---------------+--------------------------------------------------+
|       Product       |     VRMF      |             Remediation / First Fix              |
+---------------------+---------------+--------------------------------------------------+
|                     |               |https://www-945.ibm.com/support/fixcentral/swg/   |
|                     |               |selectFixes?product=                              |
|IBM Security Guardium|10.5           |ibm%2FInformation+Management%2FInfoSphere+Guardium|
|                     |               |&fixids=SqlGuard_10.0p512_Sep-24-2018&source=SAR& |
|                     |               |function=fixId&parent=IBM%20Security              |
+---------------------+---------------+--------------------------------------------------+

Workarounds and Mitigations

None

Acknowledgement

IBM X-Force Ethical Hacking Team: Warren Moynihan, Jonathan Fitz-Gerald, John
Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza

Change History

Sep 27, 2018: Original version published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

- --------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by a Using Components with
Known Vulnerabilities vulnerability

Security Bulletin

Document information

More support for: IBM Security Guardium

Software version: 10.5

Operating system(s): Linux

Reference #: 0730313

Modified date: 27 September 2018

Summary

IBM Security Guardium has addressed the following vulnerabilities.

Vulnerability Details

CVEID: CVE-2017-8039
DESCRIPTION: Pivotal Spring Web Flow could provide weaker than expected
security, caused by an error related to applications that do not change the
value of the MvcViewFactoryCreator useSpringBinding property. An attacker could
exploit this vulnerability to launch further attacks on the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/135398
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID: CVE-2017-4971
DESCRIPTION: Pivotal Spring Web Flow could provide weaker than expected
security, caused by an error related to applications that do not change the
value of the MvcViewFactoryCreator useSpringBinding property. An attacker could
exploit this vulnerability to launch further attacks on the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/127748
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID: CVE-2016-9878
DESCRIPTION: Pivotal Spring Framework could allow a remote attacker to traverse
directories on the system, caused by the failure to sanitize paths provided to
ResourceServlet. An attacker could send a specially-crafted URL request
containing directory traversal sequences to view arbitrary files on the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/120241
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
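The CVE-2016-9878 entry above describes a static-resource servlet that failed to
sanitize the requested path. The containment check a defender would want is shown
below as an added example; it is not Spring's ResourceServlet code nor IBM's fix,
and it assumes a hypothetical static-file handler with a constructed base
directory of /opt/app/static. It goes slightly beyond the bulletin's wording by
also decoding percent-encoded and double-encoded input before normalising, since
traversal sequences commonly arrive in that form.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

# Constructed base directory for this example (assumption): the only directory
# the hypothetical static-file handler is permitted to serve from.
BASE_DIR = "/opt/app/static"


def resolve_static_path(base_dir: str, requested: str) -> Optional[str]:
    """Return the absolute path for `requested` if it stays inside `base_dir`,
    otherwise None.

    Steps: percent-decode twice (catches double-encoded input), reject NUL and
    backslash characters, join to the base directory, normalise '.' and '..'
    segments, then require the result to be the base directory or a child of it.
    """
    base = posixpath.normpath(base_dir)
    decoded = requested
    for _ in range(2):
        decoded = unquote(decoded)
    # NUL bytes and backslashes are treated as separators or terminators by
    # some stacks; a static handler has no legitimate use for either.
    if "\x00" in decoded or "\\" in decoded:
        return None
    # Treat the request as relative to the base even if it begins with '/'.
    candidate = posixpath.normpath(posixpath.join(base, decoded.lstrip("/")))
    # Containment check after normalisation, which is where '..' is resolved.
    if candidate != base and not candidate.startswith(base + "/"):
        return None
    return candidate


def classify_requests(base_dir: str, requests: list) -> dict:
    """Map each requested path to its resolved path or None (rejected).
    Useful when replaying access-log paths to see which would have escaped."""
    return {req: resolve_static_path(base_dir, req) for req in requests}


if __name__ == "__main__":
    # Constructed sample request paths, including the traversal shapes the
    # bulletin refers to, plus benign ones that must still be served.
    sample_requests = [
        "css/app.css",
        "/css/app.css",
        "css/../app.js",
        "../../etc/passwd",
        "%2e%2e/%2e%2e/etc/passwd",
        "%252e%252e/etc/passwd",
    ]
    for req, resolved in classify_requests(BASE_DIR, sample_requests).items():
        status = "serve " + resolved if resolved else "REJECT"
        print(f"{req!r:32} -> {status}")
```

The check is done on the normalised string, so it is independent of the
filesystem; on a real deployment, resolve symlinks as well (for example with
os.path.realpath on the final candidate) before comparing against the base,
otherwise a link inside the served directory can still point outside it.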

Affected Products and Versions

+--------------------------------------------+-----------------+
|       Affected IBM Security Guardium       |Affected Versions|
+--------------------------------------------+-----------------+
|IBM Security Guardium                       |10.5             |
+--------------------------------------------+-----------------+

Remediation/Fixes

+---------------------+---------------+--------------------------------------------------+
|       Product       |     VRMF      |             Remediation / First Fix              |
+---------------------+---------------+--------------------------------------------------+
|                     |               |https://www-945.ibm.com/support/fixcentral/swg/   |
|                     |               |selectFixes?product=                              |
|IBM Security Guardium|10.5           |ibm%2FInformation+Management%2FInfoSphere+Guardium|
|                     |               |&fixids=SqlGuard_10.0p512_Sep-24-2018&source=SAR& |
|                     |               |function=fixId&parent=IBM%20Security              |
+---------------------+---------------+--------------------------------------------------+

Workarounds and Mitigations

None

Acknowledgement

IBM X-Force Ethical Hacking Team: Warren Moynihan, Jonathan Fitz-Gerald, John
Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza

Change History

Sep 27, 2018: Original version published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF
ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----