-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.2355
 Security Bulletin: Multiple Security Vulnerabilities have been Identified
           in IBM WebSphere Application Server Shipped with IBM
                    Campaign and IBM Opportunity Detect
                               28 June 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Campaign
Publisher:         IBM
Operating System:  AIX
                   Linux variants
                   Solaris
                   Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated      
                   Access Privileged Data          -- Remote/Unauthenticated      
                   Increased Privileges            -- Existing Account            
                   Denial of Service               -- Remote/Unauthenticated      
                   Cross-site Scripting            -- Remote with User Interaction
                   Provide Misleading Information  -- Remote/Unauthenticated      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-4279 CVE-2019-4269 CVE-2019-4080
                   CVE-2019-4046 CVE-2019-4030 CVE-2018-10237
                   CVE-2018-8039 CVE-2018-1996 CVE-2018-1926
                   CVE-2018-1904 CVE-2018-1902 CVE-2018-1901
                   CVE-2018-1840 CVE-2018-1798 CVE-2018-1797
                   CVE-2018-1794 CVE-2018-1793 CVE-2018-1777
                   CVE-2018-1770 CVE-2018-1719 CVE-2018-1695
                   CVE-2018-1643 CVE-2018-1621 CVE-2018-1614
                   CVE-2018-1567 CVE-2017-1743 CVE-2017-1741
                   CVE-2017-1731 CVE-2016-1182 CVE-2016-1181
                   CVE-2015-0899 CVE-2014-0114 CVE-2012-5783
                   CVE-2012-1007  

Reference:         ASB-2019.0123
                   ASB-2019.0109
                   ASB-2019.0012
                   ASB-2018.0250
                   ASB-2018.0244
                   ASB-2018.0177

Original Bulletin: 
   https://www-01.ibm.com/support/docview.wss?uid=ibm10795183

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: Multiple Security Vulnerabilities have been Identified in
IBM WebSphere Application Server Shipped with IBM Campaign and IBM Opportunity
Detect

Document information

More support for: IBM Campaign

Software version: 9.1.0, 9.1.2, 10.1, 11.0

Operating system(s): AIX, Linux, Solaris, Windows

Reference #: 0795183

Modified date: 27 June 2019


Security Bulletin


Summary

IBM WebSphere Application Server is shipped as a component of IBM Campaign and
IBM Opportunity Detect. Information about security vulnerabilities affecting
IBM WebSphere Application Server has been published in security bulletins.

Vulnerability Details

Please consult the security bulletins for IBM WebSphere Application Server
published at

  o Security Bulletin: Potential Privilege Escalation with WebSphere
    Application Server Admin Console (CVE-2017-1731)
  o Security Bulletin: Information disclosure in WebSphere Application Server
    Admin Console (CVE-2017-1741)
  o Security Bulletin: Information Disclosure in WebSphere Application Server
    (CVE-2017-1743)
  o Security Bulletin: Cross-site scripting vulnerability in Installation
    Verification Tool of WebSphere Application Server (CVE-2018-1643)
  o Security Bulletin: Code execution vulnerability in WebSphere Application
    Server (CVE-2018-1567)
  o Security Bulletin: Information Disclosure in WebSphere Application Server
    (CVE-2018-1621)
  o Security Bulletin: Information disclosure in WebSphere Application Server
    with SAML (CVE-2018-1614)
  o Security Bulletin: Potential spoofing attack in WebSphere Application
    Server (CVE-2018-1695)
  o Security Bulletin: Weaker than expected security in WebSphere Application
    Server (CVE-2018-1719)
  o Security Bulletin: Potential traversal vulnerability in IBM WebSphere
    Application Server Admin Console (CVE-2018-1770)
  o Security Bulletin: Cross-site scripting vulnerability in SAML ear in
    WebSphere Application Server (CVE-2018-1793)
  o Security Bulletin: Cross-site scripting vulnerability in OAuth ear in
    WebSphere Application Server (CVE-2018-1794)
  o Security Bulletin: Potential cross-site scripting vulnerability in the
    WebSphere Application Server Admin Console (CVE-2018-1777)
  o Security Bulletin: Potential cross-site scripting vulnerability in
    WebSphere Application Server using SIBMsgMigration Utility (CVE-2018-1798)
  o Security Bulletin: Potential directory traversal vulnerability in WebSphere
    Application Server (CVE-2018-1797)
  o Security Bulletin: Potential Remote code execution vulnerability in
    WebSphere Application Server (CVE-2018-1904)
  o Security Bulletin: Potential Privilege escalation vulnerability in
    WebSphere Application Server (CVE-2018-1840)
  o Security Bulletin: Potential Privilege Escalation Vulnerability in
    WebSphere Application Server (CVE-2018-1901)
  o Security Bulletin: Potential cross-site request forgery in WebSphere
    Application Server Admin Console (CVE-2018-1926)
  o Security Bulletin: Potential denial of service in WebSphere Application
    Server (CVE-2018-10237)
  o Security Bulletin: Weaker than expected security in WebSphere Application
    Server with SP800-131 transition mode (CVE-2018-1996)
  o Security Bulletin: Potential spoofing vulnerability in WebSphere
    Application Server (CVE-2018-1902)
  o Security Bulletin: Cross-site scripting vulnerability in WebSphere
    Application Server Admin Console (CVE-2019-4030)
  o Security Bulletin: Potential vulnerability in WebSphere Application Server
    (CVE-2015-0899)
  o Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache
    Commons that is used in WebSphere Application Server UDDI
  o Security Bulletin: Information disclosure in Apache Commons HttpClient used
    by WebSphere Application Server (CVE-2012-5783)
  o Security Bulletin: Potential denial of service vulnerability in WebSphere
    Application Server (CVE-2019-4046)
  o Security Bulletin: Potential denial of service in WebSphere Application
    Server Admin Console (CVE-2019-4080)
  o Security Bulletin: Remote code execution in WebSphere Application Server ND
    (CVE-2019-4279)
  o Security Bulletin: Potential MITM attack in Apache CXF used by WebSphere
    Application Server (CVE-2018-8039)
  o Security Bulletin: Information disclosure in WebSphere Application Server
    Admin Console (CVE-2019-4269)

for vulnerability details and information about fixes.


Affected Products and Versions

+---------------------------------+-------------------------------------------+
|Principal Product and Version(s) |Affected Supporting Product and Version    |
+---------------------------------+-------------------------------------------+
|IBM Campaign and IBM Opportunity |IBM WebSphere Application Server version   |
|Detect 9.1.0, 9.1.2, 10.1, 11.0  |7.0, 8.0, 8.5, 9.0                         |
+---------------------------------+-------------------------------------------+




Get Notified about Future Security Bulletins

Subscribe to My Notifications to be notified of important product support
alerts like this.

Reference

Complete CVSS v2 Guide
On-line Calculator v2

Complete CVSS v3 Guide
On-line Calculator v3

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Acknowledgement

The vulnerability in CVE-2018-1643 was reported to IBM by Mingxuan Song
The vulnerability in CVE-2018-1770 was reported to IBM by Jacob Baines
The vulnerability in CVE-2018-1793 was reported to IBM by Benoit Côté-Jodoin
The vulnerability in CVE-2018-1794 was reported to IBM by Benoit Côté-Jodoin
The vulnerability in CVE-2018-1777 was reported to IBM by Benoit Côté-Jodoin
The vulnerability in CVE-2018-1798 was reported to IBM by Benoit Côté-Jodoin from
GoSecure
The vulnerability in CVE-2018-1904 was reported to IBM by noxx
The vulnerability in CVE-2019-4279 was reported to IBM by Ryan Wincey

Change History

18 Jan 2019: Original version published
6 Feb 2019: Revised bulletin with addition of CVE-2018-10237
19 Feb 2019: Updated bulletin with addition of CVE-2018-1996
19 Mar 2019: Updated bulletin with addition of CVE-2018-1902, CVE-2019-4030,
CVE-2015-0899, CVE-2014-0114, CVE-2012-1007, CVE-2016-1182, CVE-2016-1181
5 Apr 2019: Updated bulletin with addition of CVE-2019-4080, CVE-2019-4046,
CVE-2012-5783
16 May 2019: Updated bulletin with addition of CVE-2019-4279
14 June 2019: Updated bulletin with addition of CVE-2018-8039
26 June 2019: Updated bulletin with addition of CVE-2019-4269

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF
ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----