ESB-2019.0757 - [Win][UNIX/Linux] IBM Rational Team Concert: Cross-site scripting - Remote with user interaction 2019-03-11


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.0757
             Security Bulletin: Multiple Cross-site scripting
             vulnerabilities affect IBM Rational Team Concert
                               11 March 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Rational Team Concert
Publisher:         IBM
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Cross-site Scripting -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-1984 CVE-2018-1983 CVE-2018-1982
                   CVE-2018-1761  

Reference:         ESB-2019.0675
                   ESB-2019.0429
                   ESB-2019.0335.5
                   ESB-2019.0321

Original Bulletin: 
   https://www.ibm.com/support/docview.wss?uid=ibm10875364

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: Multiple Cross-site scripting vulnerabilities affect IBM(R)
Rational(R) Team Concert


Document information

Software version: 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5,
6.0.6

Operating system(s): Platform Independent

Reference #: 0875364

Modified date: 08 March 2019


Summary

IBM Team Concert (RTC) is vulnerable to multiple cross-site scripting
vulnerabilities.

Vulnerability Details

CVEID: CVE-2018-1761
DESCRIPTION: IBM Team Concert (RTC) is vulnerable to cross-site scripting.
This vulnerability allows users to embed arbitrary JavaScript code in the Web
UI, altering the intended functionality and potentially leading to credentials
disclosure within a trusted session.
CVSS Base Score: 5.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/148615 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

CVEID: CVE-2018-1984
DESCRIPTION: IBM Team Concert (RTC) is vulnerable to cross-site scripting.
This vulnerability allows users to embed arbitrary JavaScript code in the Web
UI, altering the intended functionality and potentially leading to credentials
disclosure within a trusted session.
CVSS Base Score: 5.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/154137 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

CVEID: CVE-2018-1983
DESCRIPTION: IBM Team Concert (RTC) is vulnerable to cross-site scripting.
This vulnerability allows users to embed arbitrary JavaScript code in the Web
UI, altering the intended functionality and potentially leading to credentials
disclosure within a trusted session.
CVSS Base Score: 5.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/154136 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

CVEID: CVE-2018-1982
DESCRIPTION: IBM Team Concert (RTC) is vulnerable to cross-site scripting.
This vulnerability allows users to embed arbitrary JavaScript code in the Web
UI, altering the intended functionality and potentially leading to credentials
disclosure within a trusted session.
CVSS Base Score: 5.4
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/154135 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

Affected Products and Versions

Rational Collaborative Lifecycle Management 5.0 - 6.0.6

Rational Team Concert 5.0 - 5.0.2
Rational Team Concert 6.0 - 6.0.6

Remediation/Fixes

For the 6.0 - 6.0.6 releases:

  o Upgrade to version 6.0.6 iFix007 or later
       Rational Collaborative Lifecycle Management 6.0.6 iFix007
       Rational Team Concert 6.0.6 iFix07
  o Or upgrade to version 6.0.2 iFix20 or later
       Rational Collaborative Lifecycle Management 6.0.2 iFix020
       Rational Team Concert 6.0.2 iFix020

For the 5.x releases, upgrade to version 5.0.2 iFix29 or later (planned
publication within 30 days)

  o Rational Collaborative Lifecycle Management 5.0.2 iFix29
  o Rational Team Concert 5.0.2 iFix29

Workarounds and Mitigations

None


Change History

08 March 2019: Initial publication

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----
