ESB-2018.3876 - [Linux] IBM Security Guardium products: Multiple vulnerabilities 2018-12-14


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.3876
         IBM Security Guardium addresses security vulnerabilities
                             14 December 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Security Guardium products
Publisher:         IBM
Operating System:  Linux variants
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated      
                   Root Compromise                 -- Existing Account            
                   Modify Permissions              -- Remote/Unauthenticated      
                   Access Privileged Data          -- Existing Account            
                   Denial of Service               -- Remote/Unauthenticated      
                   Cross-site Scripting            -- Remote with User Interaction
                   Provide Misleading Information  -- Remote/Unauthenticated      
                   Unauthorised Access             -- Remote/Unauthenticated      
                   Read-only Data Access           -- Existing Account            
                   Reduced Security                -- Existing Account            
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-8012 CVE-2018-3646 CVE-2018-3620
                   CVE-2018-1891 CVE-2018-1889 CVE-2018-1509
                   CVE-2017-15804 CVE-2017-15713 CVE-2017-15671
                   CVE-2017-15670 CVE-2017-3162 CVE-2017-3161
                   CVE-2017-1597 CVE-2017-1272 CVE-2017-1265
                   CVE-2016-6811 CVE-2016-5001 CVE-2016-1182
                   CVE-2016-1181 CVE-2015-5237 CVE-2015-0899
                   CVE-2014-3627 CVE-2014-0229 CVE-2011-5320

Original Bulletin: 
   http://www.ibm.com/support/docview.wss?uid=ibm10787857
   http://www.ibm.com/support/docview.wss?uid=swg22014231
   http://www.ibm.com/support/docview.wss?uid=ibm10788333
   http://www.ibm.com/support/docview.wss?uid=ibm10742865
   http://www.ibm.com/support/docview.wss?uid=ibm10743371
   http://www.ibm.com/support/docview.wss?uid=ibm10744513
   http://www.ibm.com/support/docview.wss?uid=swg22014229
   http://www.ibm.com/support/docview.wss?uid=ibm10731655
   http://www.ibm.com/support/docview.wss?uid=ibm10742863
   http://www.ibm.com/support/docview.wss?uid=ibm10731647
   http://www.ibm.com/support/docview.wss?uid=ibm10730319
   http://www.ibm.com/support/docview.wss?uid=ibm10741659

Comment: This bulletin contains twelve (12) IBM security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: IBM Security Guardium is affected by an OpenSource Apache
Struts Vulnerability

Document information
Component: --
Software version: 10.5
Operating system(s): Linux
Reference #: 0787857
Modified date: 13 December 2018

Summary

IBM Security Guardium has addressed the following vulnerability.

Vulnerability Details

CVE-ID: CVE-2015-0899
Description: Apache Struts could allow a remote attacker to bypass security
restrictions, caused by an error in the MultiPageValidator implementation. An
attacker could exploit this vulnerability using a modified page parameter to
bypass restrictions and launch further attacks on the system.
This vulnerability also affects other products.
CVSS Base Score: 4.300
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
101770 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

Affected Products and Versions

+-------------------------------------------------------+
|    Affected IBM Security Guardium     |   Affected    |
|                                       |   Versions    |
|---------------------------------------+---------------|
|IBM Security Guardium                  |10.0 - 10.5    |
+-------------------------------------------------------+

Remediation/Fixes

+---------------------------------------------------------------------+
|     Product      |    VRMF     |      Remediation / First Fix       |
|------------------+-------------+------------------------------------|
|                  |             |http://www.ibm.com/support/         |
|                  |             |fixcentral/swg/quickorder?parent=   |
|                  |             |IBM%20Security&product=ibm/         |
|IBM Security      |10.0 - 10.5  |Information+Management/             |
|Guardium          |             |InfoSphere+Guardium&release=10.0&   |
|                  |             |platform=All&function=fixId&fixids= |
|                  |             |SqlGuard_10.0p600_GPU_Nov-2018-V10.6|
|                  |             |&includeSupersedes=0&source=fc      |
+---------------------------------------------------------------------+

Workarounds and Mitigations

None

Acknowledgement

IBM X-Force Ethical Hacking Team: Warren Moynihan, Jonathan Fitz-Gerald, John
Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza

Change History

Dec 11, 2018: Original version published

- -------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium Database Activity Monitor is affected
by a Weak Password Policy vulnerability

Document information
Component: --
Software version: 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, 10.5
Operating system(s): Linux
Reference #: 2014231
Modified date: 13 December 2018

Summary

IBM Security Guardium Database Activity Monitor has addressed the following
vulnerability.

Vulnerability Details

CVEID: CVE-2017-1597
DESCRIPTION: IBM Security Guardium Database Activity Monitor does not require
that users should have strong passwords by default, which makes it easier for
attackers to compromise user accounts.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
132610 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

IBM Security Guardium Database Activity Monitor V10.0 - 10.5

Remediation/Fixes

+-------------------------------------------------------------------------------+
|Product     |VRMF      |Remediation/First Fix                                  |
|------------+----------+-------------------------------------------------------|
|IBM Security|10.0 -    |http://www.ibm.com/support/fixcentral/swg/quickorder?  |
|Guardium    |10.5      |parent=IBM%20Security&product=ibm/                     |
|Database    |          |Information+Management/InfoSphere+Guardium&release=10.0|
|Activity    |          |&platform=All&function=fixId&fixids=                   |
|Monitor     |          |SqlGuard_10.0p600_GPU_Nov-2018-V10.6&includeSupersedes=|
|            |          |0&source=fc                                            |
+-------------------------------------------------------------------------------+

Workarounds and Mitigations

None

Change History

Dec 13, 2018: Original Version Published

- --------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by Open Source GNU glibc
Vulnerabilities

Document information
Component: --
Software version: 10-10.5
Operating system(s): Linux
Reference #: 0788333
Modified date: 13 December 2018

Summary

IBM Security Guardium has addressed the following vulnerabilities.

Vulnerability Details

CVEID: CVE-2017-15804
DESCRIPTION: GNU C Library (aka glibc or libc6) is vulnerable to a buffer
overflow, caused by improper bounds checking by glob function in glob.c. By
using a specially-crafted file, a local attacker could overflow a buffer.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
133996 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)

CVEID: CVE-2017-15671
DESCRIPTION: GNU C Library is vulnerable to a denial of service, caused by a
memory leak in the glob function in glob.c. A remote attacker could exploit
this vulnerability to cause a denial of service condition.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
133909 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-15670
DESCRIPTION: GNU C Library is vulnerable to a heap-based buffer overflow,
caused by improper bounds checking by the glob function in glob.c. By sending a
specially-crafted string, a remote attacker could overflow a buffer and execute
arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
133915 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2011-5320
DESCRIPTION: GNU glibc is vulnerable to a denial of service, caused by a flaw
in the scanf and related functions. By using a large string of 0s, a local
attacker could exploit this vulnerability to cause a segmentation fault.
CVSS Base Score: 6.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
133667 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

+-------------------------------------------------------------------------------------+
|               Affected IBM Security Guardium                |   Affected Versions   |
|-------------------------------------------------------------+-----------------------|
|IBM Security Guardium                                        |10.0 - 10.5            |
+-------------------------------------------------------------------------------------+

Remediation/Fixes

+---------------------------------------------------------------------+
|     Product      |    VRMF     |      Remediation / First Fix       |
|------------------+-------------+------------------------------------|
|                  |             |http://www.ibm.com/support/         |
|                  |             |fixcentral/swg/quickorder?parent=   |
|                  |             |IBM%20Security&product=ibm/         |
|IBM Security      |10.0 - 10.5  |Information+Management/             |
|Guardium          |             |InfoSphere+Guardium&release=10.0&   |
|                  |             |platform=All&function=fixId&fixids= |
|                  |             |SqlGuard_10.0p600_GPU_Nov-2018-V10.6|
|                  |             |&includeSupersedes=0&source=fc      |
+---------------------------------------------------------------------+

Workarounds and Mitigations

None

Change History

Dec 13, 2018: Original version published

- -------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by a Cross-Site Scripting
vulnerability

Document information
Component: --
Software version: 10-10.5
Operating system(s): Linux
Reference #: 0742865
Modified date: 13 December 2018

Summary

IBM Security Guardium has addressed the following vulnerabilities.

Vulnerability Details

CVEID: CVE-2018-1891
DESCRIPTION: IBM Security Guardium is vulnerable to cross-site scripting. This
vulnerability allows users to embed arbitrary JavaScript code in the Web UI
thus altering the intended functionality potentially leading to credentials
disclosure within a trusted session.
CVSS Base Score: 5.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
152082 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

Affected Products and Versions

+-------------------------------------------------------------------------------------+
|               Affected IBM Security Guardium                |   Affected Versions   |
|-------------------------------------------------------------+-----------------------|
|IBM Security Guardium                                        |10.0 - 10.5            |
+-------------------------------------------------------------------------------------+

Remediation/Fixes

+---------------------------------------------------------------------+
|     Product      |    VRMF     |      Remediation / First Fix       |
|------------------+-------------+------------------------------------|
|                  |             |http://www.ibm.com/support/         |
|                  |             |fixcentral/swg/quickorder?parent=   |
|                  |             |IBM%20Security&product=ibm/         |
|IBM Security      |10.0 - 10.5  |Information+Management/             |
|Guardium          |             |InfoSphere+Guardium&release=10.0&   |
|                  |             |platform=All&function=fixId&fixids= |
|                  |             |SqlGuard_10.0p600_GPU_Nov-2018-V10.6|
|                  |             |&includeSupersedes=0&source=fc      |
+---------------------------------------------------------------------+

Workarounds and Mitigations

None

Acknowledgement

Bank New York Mellon (BNYM)

Change History

Dec 13, 2018: Original version published

- --------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by a Cross-Site Scripting
vulnerability in user login

Document information
Component: --
Software version: 10-10.5
Operating system(s): Linux
Reference #: 0743371
Modified date: 13 December 2018

Summary

IBM Security Guardium has addressed the following vulnerabilities.

Vulnerability Details

CVEID: CVE-2018-1889
DESCRIPTION: IBM Security Guardium is vulnerable to cross-site scripting. This
vulnerability allows users to embed arbitrary JavaScript code in the Web UI
thus altering the intended functionality potentially leading to credentials
disclosure within a trusted session.
CVSS Base Score: 5.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
152080 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

Affected Products and Versions

+-------------------------------------------------------------------------------------+
|               Affected IBM Security Guardium                |   Affected Versions   |
|-------------------------------------------------------------+-----------------------|
|IBM Security Guardium                                        |10.0 - 10.5            |
+-------------------------------------------------------------------------------------+

Remediation/Fixes

+---------------------------------------------------------------------+
|     Product      |    VRMF     |      Remediation / First Fix       |
|------------------+-------------+------------------------------------|
|                  |             |http://www.ibm.com/support/         |
|                  |             |fixcentral/swg/quickorder?parent=   |
|                  |             |IBM%20Security&product=ibm/         |
|IBM Security      |10.0 - 10.5  |Information+Management/             |
|Guardium          |             |InfoSphere+Guardium&release=10.0&   |
|                  |             |platform=All&function=fixId&fixids= |
|                  |             |SqlGuard_10.0p600_GPU_Nov-2018-V10.6|
|                  |             |&includeSupersedes=0&source=fc      |
+---------------------------------------------------------------------+

Workarounds and Mitigations

None

Acknowledgement

Riyhad Bank

Change History

Dec 13, 2018: Original version published

- --------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by a Foreshadow Spectre
Variant vulnerability

Document information
Component: --
Software version: 10-10.5
Operating system(s): Linux
Reference #: 0744513
Modified date: 13 December 2018

Summary

IBM Security Guardium has addressed the following vulnerabilities.

Vulnerability Details

CVEID: CVE-2018-3646
DESCRIPTION: Multiple Intel CPUs could allow a local attacker to obtain
sensitive information, caused by a flaw in the CPU speculative branch
instruction execution feature. By conducting targeted cache side-channel
attacks and via a terminal page fault, an attacker with guest OS privilege
could exploit this vulnerability to leak information residing in the L1 data
cache and read data belonging to different security contexts.
CVSS Base Score: 7.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
148319 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)

CVEID: CVE-2018-3620
DESCRIPTION: Multiple Intel CPUs could allow a local attacker to obtain
sensitive information, caused by a flaw in the CPU speculative branch
instruction execution feature. By conducting targeted cache side-channel
attacks and via a terminal page fault, an attacker could exploit this
vulnerability to leak information residing in the L1 data cache and read data
belonging to different security contexts. Note: This vulnerability is also
known as the "L1 Terminal Fault (L1TF)" or "Foreshadow" attack.
CVSS Base Score: 7.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
148318 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)

Affected Products and Versions

+-------------------------------------------------------------------------------------+
|               Affected IBM Security Guardium                |   Affected Versions   |
|-------------------------------------------------------------+-----------------------|
|IBM Security Guardium                                        |10.0 - 10.5            |
+-------------------------------------------------------------------------------------+

Remediation/Fixes

+---------------------------------------------------------------------+
|     Product      |    VRMF     |      Remediation / First Fix       |
|------------------+-------------+------------------------------------|
|                  |             |http://www.ibm.com/support/         |
|                  |             |fixcentral/swg/quickorder?parent=   |
|                  |             |IBM%20Security&product=ibm/         |
|IBM Security      |10.0 - 10.5  |Information+Management/             |
|Guardium          |             |InfoSphere+Guardium&release=10.0&   |
|                  |             |platform=All&function=fixId&fixids= |
|                  |             |SqlGuard_10.0p600_GPU_Nov-2018-V10.6|
|                  |             |&includeSupersedes=0&source=fc      |
+---------------------------------------------------------------------+

Workarounds and Mitigations

None

Change History

Dec 13, 2018: Original version published

- --------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by an Improper Certificate
Validation vulnerability

Document information
Component: --
Software version: 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, 10.5
Operating system(s): Linux
Reference #: 2014229
Modified date: 13 December 2018

Summary

IBM Security Guardium has addressed the following vulnerability.

Vulnerability Details

CVEID: CVE-2017-1265
DESCRIPTION: IBM Security Guardium does not validate, or incorrectly validates,
a certificate. This weakness might allow an attacker to spoof a trusted entity
by using man-in-the-middle (MITM) techniques.
CVSS Base Score: 3.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
124740 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

IBM Security Guardium V10.0 - 10.5

Remediation/Fixes

+-------------------------------------------------------------------------------+
|Product     |VRMF      |Remediation/First Fix                                  |
|------------+----------+-------------------------------------------------------|
|IBM Security|10.0 -    |http://www.ibm.com/support/fixcentral/swg/quickorder?  |
|Guardium    |10.5      |parent=IBM%20Security&product=ibm/                     |
|            |          |Information+Management/InfoSphere+Guardium&release=10.0|
|            |          |&platform=All&function=fixId&fixids=                   |
|            |          |SqlGuard_10.0p600_GPU_Nov-2018-V10.6&includeSupersedes=|
|            |          |0&source=fc                                            |
+-------------------------------------------------------------------------------+

Workarounds and Mitigations

None

Acknowledgement

IBM X-Force Ethical Hacking Team: Ron Craig, Warren Moynihan, Jonathan
Fitz-Gerald, John Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza

Change History

Dec 13, 2018: Original Version Published

- --------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by a Query Parameter in
SSL Request vulnerability

Document information
Component: --
Software version: 10.0 - 10.5
Operating system(s): Linux
Reference #: 0731655
Modified date: 13 December 2018

Summary

IBM Security Guardium has addressed the following vulnerability.

Vulnerability Details

CVEID: CVE-2017-1272
DESCRIPTION: IBM Security Guardium stores sensitive information in URL
parameters. This may lead to information disclosure if unauthorized parties
have access to the URLs via server logs, referrer header or browser history.
CVSS Base Score: 3.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
124747 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
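CVE-2017-1272 above is a design weakness rather than a coding bug: anything placed in a URL query string is copied into web-server access logs, proxy logs, browser history and the Referer header of the next request, so the URL itself becomes a credential store. The script below is an added example, not part of IBM's or AusCERT's text, showing how a defender can check their own access logs for this pattern and redact the affected values before logs are shipped or retained. The log lines are constructed for the demonstration, and the list of parameter names treated as sensitive is an assumption to be tuned per application.

```python
"""Detect sensitive data carried in URL query parameters in web-server access logs.

Added example, not part of the IBM or AusCERT text. SAMPLE_LOG is
constructed for the demonstration; SENSITIVE_NAME_RE is an assumption
about which parameter names carry credentials or session identifiers.
"""
import re
from urllib.parse import urlsplit, parse_qsl, urlencode, urlunsplit

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - - [13/Dec/2018:10:01:02 +0000] "GET /login?user=alice&password=Winter2018 HTTP/1.1" 302 0 "-" "Mozilla/5.0"
10.0.0.7 - - [13/Dec/2018:10:01:09 +0000] "GET /report?id=42&page=2 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.0.0.9 - - [13/Dec/2018:10:02:31 +0000] "GET /api/export?format=csv&sessionId=0123456789abcdef HTTP/1.1" 200 88000 "-" "curl/7.61.1"
10.0.0.5 - - [13/Dec/2018:10:03:00 +0000] "POST /login HTTP/1.1" 200 412 "-" "Mozilla/5.0"
"""

# The quoted request line: method, target (path plus query) and protocol.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Parameter names that commonly carry credentials or session identifiers (assumed list).
SENSITIVE_NAME_RE = re.compile(
    r"^(pass(word|wd|phrase)?|pwd|secret|token|access_?token|"
    r"j?session_?id|sid|api[_-]?key|auth(orization)?|credentials?)$",
    re.IGNORECASE,
)


def sensitive_params(target):
    """Return the query-parameter names in a request target that look sensitive."""
    query = urlsplit(target).query
    return [name for name, _ in parse_qsl(query, keep_blank_values=True)
            if SENSITIVE_NAME_RE.match(name)]


def scan_log(text):
    """Return one finding per log line whose request URL carries a sensitive parameter."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = REQUEST_RE.search(line)
        if not m:
            continue  # malformed or non-HTTP line; skip rather than guess
        names = sensitive_params(m.group("target"))
        if names:
            findings.append({"line": lineno,
                             "path": urlsplit(m.group("target")).path,
                             "params": names})
    return findings


def redact_target(target):
    """Rewrite a request target so the values of sensitive parameters are dropped.

    Keeps the parameter names, so the redacted log still shows that a
    credential was sent in the URL, which is itself the finding to fix.
    """
    parts = urlsplit(target)
    pairs = [(k, "REDACTED" if SENSITIVE_NAME_RE.match(k) else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(pairs)))


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"line {f['line']}: {f['path']} exposes {', '.join(f['params'])}")
```

On the constructed sample, lines 1 and 3 are flagged (a password and a session identifier in GET query strings) while the POST login on line 4 is not, since its credentials travel in the request body. Redaction at the log pipeline limits the damage of an existing deployment; the fix for the application is to move such values out of the URL entirely.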

Affected Products and Versions

+-------------------------------------------------------+
|    Affected IBM Security Guardium     |   Affected    |
|                                       |   Versions    |
|---------------------------------------+---------------|
|IBM Security Guardium                  |10.0 - 10.5    |
+-------------------------------------------------------+

Remediation/Fixes

+---------------------------------------------------------------------+
|     Product      |    VRMF     |      Remediation / First Fix       |
|------------------+-------------+------------------------------------|
|                  |             |http://www.ibm.com/support/         |
|                  |             |fixcentral/swg/quickorder?parent=   |
|                  |             |IBM%20Security&product=ibm/         |
|IBM Security      |10.0 - 10.5  |Information+Management/             |
|Guardium          |             |InfoSphere+Guardium&release=10.0&   |
|                  |             |platform=All&function=fixId&fixids= |
|                  |             |SqlGuard_10.0p600_GPU_Nov-2018-V10.6|
|                  |             |&includeSupersedes=0&source=fc      |
+---------------------------------------------------------------------+

Workarounds and Mitigations

None

Acknowledgement

IBM X-Force Ethical Hacking Team: Warren Moynihan, Jonathan Fitz-Gerald, John
Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza

Change History

Dec 11, 2018: Original version published

- -------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by a Using Components with
Known Vulnerabilities vulnerability


Document information
Component: --
Software version: 10-10.5
Operating system(s): Linux
Reference #: 0742863
Modified date: 13 December 2018

Summary

IBM Security Guardium has addressed the following vulnerabilities.

Vulnerability Details

CVEID: CVE-2015-5237
DESCRIPTION: Google Protocol Buffers could allow a remote attacker to execute
arbitrary code on the system, caused by an integer overflow in
MessageLite::SerializeToString. A remote attacker could exploit this
vulnerability to execute arbitrary code on the vulnerable system or cause a
denial of service.
CVSS Base Score: 6.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
105989 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)

CVEID: CVE-2017-3162
DESCRIPTION: Apache Hadoop could allow a remote attacker to bypass security
restrictions, caused by the interaction between HDFS clients and a servlet on
the DataNode to browse the HDFS namespace. An attacker could exploit this
vulnerability to bypass security restrictions.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
125388 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID: CVE-2017-3161
DESCRIPTION: Apache Hadoop is vulnerable to cross-site scripting, caused by
improper validation of user-supplied input by the HDFS web UI. A remote
attacker could exploit this vulnerability using the unescaped query parameter
in a specially-crafted URL to execute script in a victim's Web browser within
the security context of the hosting Web site, once the URL is clicked. An
attacker could use this vulnerability to steal the victim's cookie-based
authentication credentials.
CVSS Base Score: 6.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
125387 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID: CVE-2017-15713
DESCRIPTION: Apache Hadoop could allow a remote authenticated attacker to
obtain sensitive information. By using a specially-crafted file, a remote
attacker could exploit this vulnerability to expose private files.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
138064 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2016-6811
DESCRIPTION: Apache Hadoop could allow a local attacker to gain elevated
privileges on the system. By escalating to yarn user, an attacker could exploit
this vulnerability to execute arbitrary commands on the system with root
privileges.
CVSS Base Score: 8.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
142610 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2016-5001
DESCRIPTION: Apache Hadoop could allow a local authenticated attacker to obtain
sensitive information, caused by a flaw in the short-circuit reads feature. By
using a specially-crafted block token, a local attacker could exploit this
vulnerability to obtain sensitive information.
CVSS Base Score: 5.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
131248 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2014-3627
DESCRIPTION: Apache Hadoop could allow a remote attacker to obtain sensitive
information, caused by an error when running the YARN NodeManager process. An
attacker could exploit this vulnerability using a symlink attack to obtain
sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
99127 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2014-0229
DESCRIPTION: Cloudera CDH is vulnerable to a denial of service, caused by the
failure to check authorization for multiple commands in the built-in Apache
Hadoop. By issuing a command, a remote authenticated attacker could exploit
this vulnerability to cause the DataNodes to shutdown or perform unnecessary
operations.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
132524 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

+-------------------------------------------------------------------------------------+
|               Affected IBM Security Guardium                |   Affected Versions   |
|-------------------------------------------------------------+-----------------------|
|IBM Security Guardium                                        |10.0 - 10.5            |
+-------------------------------------------------------------------------------------+

Remediation/Fixes

+---------------------------------------------------------------------+
|     Product      |    VRMF     |      Remediation / First Fix       |
|------------------+-------------+------------------------------------|
|                  |             |http://www.ibm.com/support/         |
|                  |             |fixcentral/swg/quickorder?parent=   |
|                  |             |IBM%20Security&product=ibm/         |
|IBM Security      |10.0 - 10.5  |Information+Management/             |
|Guardium          |             |InfoSphere+Guardium&release=10.0&   |
|                  |             |platform=All&function=fixId&fixids= |
|                  |             |SqlGuard_10.0p600_GPU_Nov-2018-V10.6|
|                  |             |&includeSupersedes=0&source=fc      |
+---------------------------------------------------------------------+

Workarounds and Mitigations

None

Acknowledgement

IBM X-Force Ethical Hacking Team: Warren Moynihan, Jonathan Fitz-Gerald, John
Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza

Change History

Dec 11, 2018: Original version published

- -------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by a publicly disclosed
vulnerability from Apache ZooKeeper

Document information
Component: --
Software version: 10.5
Operating system(s): Linux
Reference #: 0731647
Modified date: 13 December 2018

Summary

IBM Security Guardium has addressed the following vulnerability.

Vulnerability Details

CVEID: CVE-2018-8012
DESCRIPTION: Apache Zookeeper could allow a remote attacker to bypass security
restrictions, caused by the failure to enforce authentication or authorization
when a server attempts to join a quorum. An attacker could exploit this
vulnerability to join the cluster and begin propagating counterfeit changes to
the leader.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
143565 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

Affected Products and Versions

+-------------------------------------------------------+
|    Affected IBM Security Guardium     |   Affected    |
|                                       |   Versions    |
|---------------------------------------+---------------|
|IBM Security Guardium                  |10.0 - 10.5    |
+-------------------------------------------------------+

Remediation/Fixes

Product:                 IBM Security Guardium
VRMF:                    10.0 - 10.5
Remediation / First Fix: http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p600_GPU_Nov-2018-V10.6&includeSupersedes=0&source=fc

Workarounds and Mitigations

None

Acknowledgement

IBM X-Force Ethical Hacking Team: Warren Moynihan, Jonathan Fitz-Gerald, John
Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza

Change History

Dec 13, 2018: Original version published

- -------------------------------------------------------------------------------

Security Bulletin: IBM Security Guardium is affected by an Improper Certificate
Validation vulnerability

Document information
Component: --
Software version: 10.5
Operating system(s): Linux
Reference #: 0730319
Modified date: 13 December 2018

Summary

IBM Security Guardium has addressed the following vulnerability.

Vulnerability Details

CVEID: CVE-2018-1509
DESCRIPTION: IBM Security Guardium EcoSystem does not validate, or incorrectly
validates, a certificate. This weakness might allow an attacker to spoof a
trusted entity by using a man-in-the-middle (MITM) attack. The software might
connect to a malicious host while believing it is a trusted host, or the
software might be deceived into accepting spoofed data that appears to
originate from a trusted host.
CVSS Base Score: 3.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/141417 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
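The description above is the generic CWE-295 pattern: a TLS client that skips chain validation or host-name matching will complete a handshake with whoever sits on the path. As an added example (not IBM's code and not how Guardium EcoSystem is implemented), the block below shows the weak client configuration beside the corrected one in Python's `ssl` module, plus an audit helper that flags the weak settings; the host name is a placeholder.

```python
"""Added example (not from the bulletin or the Guardium product): the weak
TLS client pattern described above beside its hardened form, and an audit
helper that reports the settings that make a client spoofable."""
import socket
import ssl
from typing import List, Optional

EXAMPLE_HOST = "guardium.example.invalid"   # placeholder, constructed for the example


def insecure_client_context() -> ssl.SSLContext:
    """The weak pattern: no chain validation and no host-name check, so any
    host that completes a handshake is accepted (the MITM precondition)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before verify_mode=CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_client_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """The corrected pattern: chain validation against a trust store
    (platform store when cafile is None), host-name matching, TLS 1.2 floor."""
    ctx = ssl.create_default_context(cafile=cafile)  # CERT_REQUIRED + check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return a finding per weak setting; an empty list means the context
    validates the peer the way the bulletin's fix requires."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED: certificate chain is not validated")
    if not ctx.check_hostname:
        findings.append("check_hostname is False: certificate is not matched to the host name")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum_version permits TLS < 1.2")
    return findings


def connect(host: str, port: int, ctx: ssl.SSLContext) -> ssl.SSLSocket:
    """Wrap a TCP socket; server_hostname is what check_hostname compares the
    presented certificate against, so it must be the intended host, not an IP
    copied from a config file."""
    sock = socket.create_connection((host, port), timeout=5)
    return ctx.wrap_socket(sock, server_hostname=host)


if __name__ == "__main__":
    for name, ctx in (("insecure", insecure_client_context()),
                      ("hardened", hardened_client_context())):
        print(name, audit_context(ctx) or "OK")
```

A useful habit when reviewing a client is to run `audit_context` over every `SSLContext` the code constructs; library defaults differ between Python versions, so checking the resulting object is more reliable than reading the constructor call.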

Affected Products and Versions

+-------------------------------------------------------+
|    Affected IBM Security Guardium     |   Affected    |
|                                       |   Versions    |
|---------------------------------------+---------------|
|IBM Security Guardium                  |10.5           |
+-------------------------------------------------------+

Remediation/Fixes

Product:                 IBM Security Guardium
VRMF:                    10.5
Remediation / First Fix: http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p600_GPU_Nov-2018-V10.6&includeSupersedes=0&source=fc

Workarounds and Mitigations

None

Acknowledgement

IBM X-Force Ethical Hacking Team: Warren Moynihan, Jonathan Fitz-Gerald, John
Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza

Change History

Dec 13, 2018: Original version published

- -------------------------------------------------------------------------------

Security Bulletin: Vulnerabilities in Struts v2 affect IBM Security Guardium
(CVE-2016-1181, CVE-2016-1182)

Document information
Component: --
Software version: 10-10.5
Operating system(s): Linux
Reference #: 0741659
Modified date: 13 December 2018

Summary

Struts v2 vulnerabilities affect IBM Security Guardium. IBM Security Guardium
has addressed the following vulnerabilities.

Vulnerability Details

CVEID: CVE-2016-1181
DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary
code on the system, caused by the failure to protect against unintended remote
operations against components on server memory by the ActionForm instance. An
attacker could exploit this vulnerability to execute arbitrary code on the
system.
CVSS Base Score: 8.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/113852 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2016-1182
DESCRIPTION: Apache Struts could allow a remote attacker to bypass security
restrictions, caused by the improper validation of input by the Validator. An
attacker could exploit this vulnerability to modify validation rules and error
messages.
CVSS Base Score: 4.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/113853 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)

Affected Products and Versions

+-------------------------------------------------------------------------------------+
|               Affected IBM Security Guardium                |   Affected Versions   |
|-------------------------------------------------------------+-----------------------|
|IBM Security Guardium                                        |10.0 - 10.5            |
+-------------------------------------------------------------------------------------+

Remediation/Fixes

Product:                 IBM Security Guardium
VRMF:                    10.0 - 10.5
Remediation / First Fix: http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p600_GPU_Nov-2018-V10.6&includeSupersedes=0&source=fc

Workarounds and Mitigations

None

Change History

Dec 13, 2018: Original version published

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----
