-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.2170
          IBM Cognos Command Center receives Java security update
                               19 June 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Cognos Command Center
Publisher:         IBM
Operating System:  Windows
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-2602  

Reference:         ESB-2019.1896
                   ESB-2019.1675
                   ESB-2019.1664
                   ESB-2019.1654
                   ESB-2019.1344

Original Bulletin: 
   https://www.ibm.com/support/docview.wss?uid=ibm10886239

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: A vulnerability in IBM Java Runtime affects IBM Cognos
Command Center (CVE-2019-2602)

Document information
Component: --
Software version: 10.2.4, 10.2.4.1
Operating system(s): Windows
Software edition: All Editions
Reference #: 0886239
Modified date: 18 June 2019

Summary

There are multiple vulnerabilities in the IBM Runtime Environment Java Version 8
used by IBM Cognos Command Center. These issues were disclosed as part of the
IBM Java SDK updates in January and April 2019; of these, CVE-2019-2602
(detailed below) affects the product itself.

If you run your own Java code on the IBM Java Runtime delivered with this
product, evaluate that code to determine whether additional Java
vulnerabilities apply to it. For the complete list of vulnerabilities, refer to
the IBM Java SDK security bulletins cited in the References section.

Vulnerability Details

CVEID: CVE-2019-2602
DESCRIPTION: An unspecified vulnerability related to the Java SE Embedded
Libraries component could allow an unauthenticated attacker to cause a denial
of service resulting in a high availability impact using unknown attack
vectors.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/159698
for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

IBM Cognos Command Center 10.2.4.1 (FP1)

IBM Cognos Command Center 10.2.4

Remediation/Fixes

The recommended fix is to replace the bundled runtime with IBM JRE 8.0.5.35
(SR5 FP35) for your version of IBM Cognos Command Center.

The fixes can be found here: 

IBM Cognos Command Center version 10.2.4.1 (FP1) (64-bit IBM JRE)
IBM Cognos Command Center version 10.2.4 (32-bit IBM JRE)

Please follow the instructions for your version of Cognos Command Center.

For IBM Cognos Command Center version 10.2.4.1 (FP1) (64-bit IBM JRE):
Step 1:
Download the 64 bit IBM Java JRE ( file name: ibm-java-jre-80-win-x86_64.zip ,
Size: 164.4MB, Build: pwa6480sr5fp35-20190418_01 (SR5 FP35)).
Step 2:
Stop the CccServer, CccQueue and CccAgent Microsoft Windows services.
Step 3:
Rename the <INSTALLDIR>\Common\java.8.0.0 directory to <INSTALLDIR>\Common\
java.8.0.0.orig
Step 4:
Unpack the content of the ibm-java-jre-80-win-x86_64.zip file (the archive
downloaded in Step 1) to <INSTALLDIR>\Common\java.8.0.0
Step 5:
Start the CccAgent, CccQueue and CccServer Microsoft Windows services.
Step 6:
Validate the installation by testing the connectivity to the agent using the
CCC Client.

For IBM Cognos Command Center version 10.2.4 (32-bit IBM JRE):

For Microsoft Windows servers where the Agent or the Server component is
installed please follow this procedure:
Step 1:
Download the 32 bit IBM Java JRE (file name: ibm-java-jre-80-win-i386.zip,
Size: 137.6MB, Build: pwi3280sr5fp35-20190418_01 (SR5 FP35)).
Step 2:
Stop the CccServer, CccQueue and CccAgent Microsoft Windows services.
Step 3:
Rename the <INSTALLDIR>\Common\java.8.0.0 directory to <INSTALLDIR>\Common\
java.8.0.0.orig
Step 4:
Unpack the content of the ibm-java-jre-80-win-i386.zip file to <INSTALLDIR>\
Common\java.8.0.0
Step 5:
Start the CccAgent, CccQueue and CccServer Microsoft Windows services.
Step 6:
Validate the installation by testing the connectivity to the agent using the
CCC Client.
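The two procedures above differ only in the archive name, so a single script can carry out
steps 2 to 5 for either build. The following PowerShell is an added example, not part of
the IBM bulletin and not tooling shipped with the product. It keeps the original runtime
as java.8.0.0.orig for rollback and refuses to start the services until the runtime under
<INSTALLDIR>\Common\java.8.0.0 reports the SR5 FP35 build named in the bulletin. The
install directory, the path of the zip downloaded in step 1, and an optional SHA-256
value (the bulletin publishes none; supply one only if you recorded it at download time)
are parameters the operator passes in; whether the zip contains a single top-level folder
is not stated in the bulletin, so both layouts are handled. Step 1 (download) and step 6
(the CCC Client connectivity test) remain manual.

```powershell
#Requires -Version 5.0
#Requires -RunAsAdministrator
# Added example (not from the IBM bulletin): automates steps 2-5 of the JRE swap for
# IBM Cognos Command Center 10.2.4 / 10.2.4.1 on Windows. Assumes the zip from step 1
# is already downloaded and that the patched runtime's "java -version" banner contains
# the build-id fragment "sr5fp35" (taken from the build names the bulletin lists).
param(
    [Parameter(Mandatory)] [string] $InstallDir,   # e.g. C:\Program Files\IBM\Cognos Command Center
    [Parameter(Mandatory)] [string] $JreZip,       # ibm-java-jre-80-win-x86_64.zip (FP1) or ibm-java-jre-80-win-i386.zip (10.2.4)
    [string] $ExpectedSha256,                      # optional: hash you recorded for the download (not published in the bulletin)
    [string] $ExpectedBuild = 'sr5fp35'            # build-id fragment the new runtime must report
)
$ErrorActionPreference = 'Stop'

$commonDir  = Join-Path $InstallDir 'Common'
$javaDir    = Join-Path $commonDir 'java.8.0.0'
$origDir    = "$javaDir.orig"
$staging    = "$javaDir.new"                       # same volume as $javaDir so Move-Item can rename it into place
$javaExe    = Join-Path $javaDir 'bin\java.exe'
$stopOrder  = 'CccServer', 'CccQueue', 'CccAgent'  # order given in the bulletin
$startOrder = 'CccAgent', 'CccQueue', 'CccServer'

function Get-JavaVersionString([string] $Exe) {
    # java prints its banner on stderr; relax the preference locally so 2>&1
    # does not become a terminating error under Windows PowerShell 5.1.
    $ErrorActionPreference = 'Continue'
    return ((& $Exe -version 2>&1 | ForEach-Object { "$_" }) -join ' ')
}

# Guard rails before anything on disk is changed.
if (Test-Path $origDir) { throw "$origDir already exists: a previous run did not finish; resolve that first." }
if (Test-Path $staging) { throw "$staging already exists: remove it before re-running." }
if (-not (Test-Path $javaExe)) { throw "No runtime found at $javaExe; check -InstallDir." }
if ($ExpectedSha256) {
    $actual = (Get-FileHash -Path $JreZip -Algorithm SHA256).Hash
    if ($actual -ne $ExpectedSha256.ToUpper()) { throw "SHA-256 mismatch for $JreZip (got $actual)" }
}
Write-Host "Current runtime: $(Get-JavaVersionString $javaExe)"

# Step 2: stop the services.
foreach ($svc in $stopOrder) {
    if (Get-Service -Name $svc -ErrorAction SilentlyContinue) { Stop-Service -Name $svc -Force }
}

# Step 3: keep the old runtime beside the new one so the change can be rolled back.
Rename-Item -Path $javaDir -NewName (Split-Path -Leaf $origDir)

# Step 4: unpack. Whatever the archive's internal layout, bin\java.exe must end up
# directly under <INSTALLDIR>\Common\java.8.0.0.
Expand-Archive -Path $JreZip -DestinationPath $staging
$top = @(Get-ChildItem -Path $staging)
if ($top.Count -eq 1 -and $top[0].PSIsContainer -and (Test-Path (Join-Path $top[0].FullName 'bin\java.exe'))) {
    Move-Item -Path $top[0].FullName -Destination $javaDir   # single top-level folder: hoist it
    Remove-Item -Path $staging -Recurse -Force
} else {
    Move-Item -Path $staging -Destination $javaDir           # files already at the root of the zip
}

# Verify the replacement really is the patched build before anything is restarted.
if (-not (Test-Path $javaExe)) { throw "java.exe missing after unpack; roll back by renaming $origDir to $javaDir" }
$after = Get-JavaVersionString $javaExe
Write-Host "New runtime:     $after"
if ($after -notmatch [regex]::Escape($ExpectedBuild)) {
    throw "Runtime does not report build '$ExpectedBuild': $after. Roll back by renaming $origDir to $javaDir"
}

# Step 5: start the services in the order the bulletin gives.
foreach ($svc in $startOrder) {
    if (Get-Service -Name $svc -ErrorAction SilentlyContinue) { Start-Service -Name $svc }
}
Write-Host "Done. Step 6 (CCC Client connectivity test to the agent) is manual; delete $origDir once validated."
```

Run it from an elevated prompt on each server that hosts the Agent or Server component, e.g.
`.\Update-CccJre.ps1 -InstallDir 'C:\Program Files\IBM\Cognos Command Center' -JreZip C:\temp\ibm-java-jre-80-win-i386.zip`
(the script name is illustrative). If the build check fails the services are left stopped
on purpose: renaming java.8.0.0.orig back to java.8.0.0 restores the previous state.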

Workarounds and Mitigations

None.

Change History

18 June 2019: Original Version Published.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
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=RPau
-----END PGP SIGNATURE-----