-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.4748
           Security Bulletin: IBM Cognos Analytics has addressed
                          multiple vulnerabilities
                             20 December 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Cognos Analytics
Publisher:         IBM
Operating System:  Windows
                   UNIX specific
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Increased Privileges            -- Remote/Unauthenticated
                   Modify Arbitrary Files          -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Provide Misleading Information  -- Remote/Unauthenticated
                   Access Confidential Data        -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-4555 CVE-2019-4231 CVE-2019-4046
                   CVE-2019-2602 CVE-2019-2426 CVE-2018-12547
                   CVE-2018-12539 CVE-2018-8039 CVE-2018-3180
                   CVE-2018-3139 CVE-2018-2973 CVE-2018-2952
                   CVE-2018-2800 CVE-2018-2799 CVE-2018-2798
                   CVE-2018-2797 CVE-2018-2796 CVE-2018-2795
                   CVE-2018-2790 CVE-2018-2783 CVE-2018-2678
                   CVE-2018-2677 CVE-2018-2663 CVE-2018-2657
                   CVE-2018-2639 CVE-2018-2638 CVE-2018-2637
                   CVE-2018-2634 CVE-2018-2618 CVE-2018-2603
                   CVE-2018-2599 CVE-2018-2588 CVE-2018-2579
                   CVE-2018-1902 CVE-2018-1890 CVE-2018-1656
                   CVE-2018-1517 CVE-2018-0734 CVE-2017-10388
                   CVE-2017-10357 CVE-2017-10356 CVE-2017-10355
                   CVE-2017-10350 CVE-2017-10349 CVE-2017-10348
                   CVE-2017-10347 CVE-2017-10346 CVE-2017-10295
                   CVE-2017-10281 CVE-2017-3736 CVE-2016-10165
                   CVE-2016-9843 CVE-2016-9842 CVE-2016-9841
                   CVE-2016-9840 CVE-2016-8743 CVE-2016-2161
                   CVE-2016-0736 CVE-2016-0705 CVE-2013-0004
                   CVE-2012-0163 CVE-2012-0161 CVE-2012-0160
                   CVE-2009-3126 CVE-2009-2504 CVE-2009-2503
                   CVE-2009-2502 CVE-2009-2501 CVE-2009-0090

Reference:         ESB-2019.3566
                   ESB-2019.3506
                   ESB-2019.3411
                   ESB-2019.3390.2

Original Bulletin: 
   https://www.ibm.com/support/pages/node/1138588

--------------------------BEGIN INCLUDED TEXT--------------------

IBM Cognos Analytics has addressed multiple vulnerabilities

Security Bulletin

Summary

There are multiple vulnerabilities in IBM Runtime Environment Java Version 8
used by Cognos Analytics. These issues were disclosed as part of the IBM Java
SDK updates in October 2017, January 2018, April 2018, July 2018, October 2018,
January 2019 and April 2019. Cognos Analytics has addressed the applicable
CVEs. Vulnerabilities have also been addressed in the following third-party
software components that are consumed by IBM Cognos Analytics: IBM WebSphere
Liberty, OpenSSL, Apache HTTP Server, and Microsoft C++ Runtime Library. An XSRF
vulnerability in the Cognos Analytics Upload Library and an XSS vulnerability in
the Cognos Analytics Upload Visualization functionality have also been
addressed.

Vulnerability Details

CVEID: CVE-2018-0734
DESCRIPTION: The OpenSSL DSA signature algorithm has been shown to be
vulnerable to a timing side channel attack. An attacker could use variations in
the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a
(Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in
OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
152085 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2018-8039
DESCRIPTION: It is possible to configure Apache CXF to use the com.sun.net.ssl
implementation via 'System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");'. When this system property is set,
CXF uses some reflection to try to make the HostnameVerifier work with the old
com.sun.net.ssl.HostnameVerifier interface. However, the default
HostnameVerifier implementation in CXF does not implement the method in this
interface, and an exception is thrown. However, in Apache CXF prior to 3.2.5
and 3.1.16 the exception is caught in the reflection code and not properly
propagated. What this means is that if you are using the com.sun.net.ssl stack
with CXF, an error with TLS hostname verification will not be thrown, leaving a
CXF client subject to man-in-the-middle attacks.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
145516 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID: CVE-2018-2579
DESCRIPTION: An unspecified vulnerability related to the Java SE Libraries
component could allow an unauthenticated attacker to obtain sensitive
information resulting in a low confidentiality impact using unknown attack
vectors.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
137833 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2018-2588
DESCRIPTION: An unspecified vulnerability related to the Java SE LDAP component
could allow an authenticated attacker to obtain sensitive information resulting
in a low confidentiality impact using unknown attack vectors.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
137841 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2018-2663
DESCRIPTION: An unspecified vulnerability related to the Java SE JNDI component
could allow an unauthenticated attacker to take control of the system.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
137917 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-2677
DESCRIPTION: An unspecified vulnerability related to the Java SE AWT component
could allow an unauthenticated attacker to cause a denial of service resulting
in a low availability impact using unknown attack vectors.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
137932 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-2678
DESCRIPTION: An unspecified vulnerability related to the Java SE JNDI component
could allow an unauthenticated attacker to cause a denial of service resulting
in a low availability impact using unknown attack vectors.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
137933 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-2599
DESCRIPTION: An unspecified vulnerability related to the Java SE JNDI component
could allow an unauthenticated attacker to cause no confidentiality impact, low
integrity impact, and low availability impact.
CVSS Base score: 4.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
137851 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)

CVEID: CVE-2018-2603
DESCRIPTION: An unspecified vulnerability related to the Java SE Libraries
component could allow an unauthenticated attacker to cause a denial of service
resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
137855 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-2657
DESCRIPTION: An unspecified vulnerability related to the Java SE Serialization
component could allow an unauthenticated attacker to cause a denial of service
resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
137910 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-2618
DESCRIPTION: An unspecified vulnerability related to the Java SE JCE component
could allow an unauthenticated attacker to obtain sensitive information
resulting in a high confidentiality impact using unknown attack vectors.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
137870 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2018-2634
DESCRIPTION: An unspecified vulnerability related to the Java SE JGSS component
could allow an unauthenticated attacker to obtain sensitive information
resulting in a high confidentiality impact using unknown attack vectors.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
137886 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)

CVEID: CVE-2018-2637
DESCRIPTION: An unspecified vulnerability related to the Java SE JMX component
could allow an unauthenticated attacker to cause high confidentiality impact,
high integrity impact, and no availability impact.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
137889 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)

CVEID: CVE-2018-2638
DESCRIPTION: An unspecified vulnerability related to the Java SE Deployment
component could allow an unauthenticated attacker to take control of the
system.
CVSS Base score: 8.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
137890 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)

CVEID: CVE-2018-2639
DESCRIPTION: An unspecified vulnerability related to the Java SE Deployment
component could allow an unauthenticated attacker to take control of the
system.
CVSS Base score: 8.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
137891 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)

CVEID: CVE-2009-2502
DESCRIPTION: Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1,
Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office
System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word
Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3,
Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office
Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and
SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL
Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer
2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0
allows remote attackers to execute arbitrary code via a crafted TIFF image
file, aka "GDI+ TIFF Buffer Overflow Vulnerability."
CVSS Base score: 9.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
53527 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2009-0090
DESCRIPTION: Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not
properly validate .NET verifiable code, which allows remote attackers to obtain
unintended access to stack memory, and execute arbitrary code, via (1) a
crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or
(3) a crafted .NET Framework application, aka "Microsoft .NET Framework Pointer
Verification Vulnerability."
CVSS Base score: 9.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
48293 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2012-0163
DESCRIPTION: Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4,
and 4.5 does not properly validate function parameters, which allows remote
attackers to execute arbitrary code via (1) a crafted XAML browser application
(aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework
application, aka ".NET Framework Parameter Validation Vulnerability."
CVSS Base score: 9.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
74377 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2009-2503
DESCRIPTION: GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3,
Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office
System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word
Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3,
Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office
Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and
SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL
Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer
2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0
does not properly allocate an unspecified buffer, which allows remote attackers
to execute arbitrary code via a crafted TIFF image file that triggers memory
corruption, aka "GDI+ TIFF Memory Corruption Vulnerability."
CVSS Base score: 9.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
53528 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2009-3126
DESCRIPTION: Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1,
Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office
System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word
Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3,
Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office
Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and
SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL
Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer
2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0
allows remote attackers to execute arbitrary code via a crafted PNG image file,
aka "GDI+ PNG Integer Overflow Vulnerability."
CVSS Base score: 9.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
53530 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2009-2504
DESCRIPTION: Multiple integer overflows in unspecified APIs in GDI+ in
Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP
SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold,
Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2,
Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003
Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer,
Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for
Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web,
Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000
Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1,
Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote
attackers to execute arbitrary code via (1) a crafted XAML browser application
(XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework
application, aka "GDI+ .NET API Vulnerability."
CVSS Base score: 9.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
53529 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2009-2501
DESCRIPTION: Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer
6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft
Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word
Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3,
Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office
Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and
SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL
Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer
2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0
allows remote attackers to execute arbitrary code via a crafted PNG image file,
aka "GDI+ PNG Heap Overflow Vulnerability."
CVSS Base score: 9.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
53526 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2012-0160
DESCRIPTION: Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5
SP1, 3.5.1, and 4 does not properly serialize input data, which allows remote
attackers to execute arbitrary code via (1) a crafted XAML browser application
(aka XBAP) or (2) a crafted .NET Framework application, aka ".NET Framework
Serialization Vulnerability."
CVSS Base score: 9.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
74375 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-0004
DESCRIPTION: Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5,
3.5.1, 4, and 4.5 does not properly validate the permissions of objects in
memory, which allows remote attackers to execute arbitrary code via (1) a
crafted XAML browser application (XBAP) or (2) a crafted .NET Framework
application, aka "Double Construction Vulnerability."
CVSS Base score: 9.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
80871 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2012-0161
DESCRIPTION: Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5
SP1, 3.5.1, and 4 does not properly handle an unspecified exception during use
of partially trusted assemblies to serialize input data, which allows remote
attackers to execute arbitrary code via (1) a crafted XAML browser application
(aka XBAP) or (2) a crafted .NET Framework application, aka ".NET Framework
Serialization Vulnerability."
CVSS Base score: 9.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
74376 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2019-4231
DESCRIPTION: IBM Cognos Analytics is vulnerable to cross-site request forgery
which could allow an attacker to execute malicious and unauthorized actions
transmitted from a user that the website trusts.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
159356 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)

CVEID: CVE-2018-3139
DESCRIPTION: An unspecified vulnerability related to the Java SE Networking
component could allow an unauthenticated attacker to obtain sensitive
information resulting in a low confidentiality impact using unknown attack
vectors.
CVSS Base score: 3.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
151455 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N)

CVEID: CVE-2018-3180
DESCRIPTION: An unspecified vulnerability related to the Java SE JSSE component
could allow an unauthenticated attacker to cause low confidentiality impact,
low integrity impact, and low availability impact.
CVSS Base score: 5.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
151497 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-0736
DESCRIPTION: In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto
was encrypting its data/cookie using the configured ciphers with possibly
either CBC or ECB modes of operation (AES256-CBC by default), hence no
selectable or builtin authenticated encryption. This made it vulnerable to
padding oracle attacks, particularly with CBC.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
119918 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N)

CVEID: CVE-2016-2161
DESCRIPTION: In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to
mod_auth_digest can cause the server to crash, and each instance continues to
crash even for subsequently valid requests.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
119919 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-8743
DESCRIPTION: Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25,
was liberal in the whitespace accepted from requests and sent in response lines
and headers. Accepting these different behaviors represented a security concern
when httpd participates in any chain of proxies or interacts with back-end
application servers, either through mod_proxy or using conventional CGI
mechanisms, and may result in request smuggling, response splitting and cache
pollution.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
119917 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID: CVE-2017-10295
DESCRIPTION: An unspecified vulnerability related to the Java SE Networking
component could allow an unauthenticated attacker to cause no confidentiality
impact, low integrity impact, and no availability impact.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
133729 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N)

CVEID: CVE-2017-10281
DESCRIPTION: An unspecified vulnerability related to the Java SE Serialization
component could allow an unauthenticated attacker to cause a denial of service
resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
133720 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-10350
DESCRIPTION: An unspecified vulnerability related to the Java SE JAX-WS
component could allow an unauthenticated attacker to cause a denial of service
resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
133779 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-10347
DESCRIPTION: An unspecified vulnerability related to the Java SE Serialization
component could allow an unauthenticated attacker to cause a denial of service
resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
133776 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-10349
DESCRIPTION: An unspecified vulnerability related to the Java SE JAXP component
could allow an unauthenticated attacker to cause a denial of service resulting
in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
133778 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-10348
DESCRIPTION: An unspecified vulnerability related to the Java SE Libraries
component could allow an unauthenticated attacker to cause a denial of service
resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
133777 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-10357
DESCRIPTION: An unspecified vulnerability related to the Java SE Serialization
component could allow an unauthenticated attacker to cause a denial of service
resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
133786 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-10355
DESCRIPTION: An unspecified vulnerability related to the Java SE Networking
component could allow an unauthenticated attacker to cause a denial of service
resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
133784 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-9841
DESCRIPTION: zlib is vulnerable to a denial of service, caused by
out-of-bounds pointer arithmetic in inftrees.c. By persuading a victim to open
a specially crafted document, a remote attacker could exploit this
vulnerability to cause a denial of service.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
120509 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-10356
DESCRIPTION: An unspecified vulnerability related to the Java SE Security
component could allow an unauthenticated attacker to obtain sensitive
information resulting in a high confidentiality impact using unknown attack
vectors.
CVSS Base score: 6.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
133785 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2017-10388
DESCRIPTION: An unspecified vulnerability related to the Java SE Libraries
component could allow an unauthenticated attacker to take control of the
system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
133813 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID: CVE-2017-10346
DESCRIPTION: An unspecified vulnerability related to the Java SE VM component
could allow an unauthenticated attacker to take control of the system.
CVSS Base score: 9.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
133775 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)

CVEID: CVE-2016-9843
DESCRIPTION: zlib is vulnerable to a denial of service, caused by a big-endian
out-of-bounds pointer. By persuading a victim to open a specially crafted
document, a remote attacker could exploit this vulnerability to cause a denial
of service.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
120511 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-9842
DESCRIPTION: zlib is vulnerable to a denial of service, caused by an undefined
left shift of a negative number. By persuading a victim to open a specially
crafted document, a remote attacker could exploit this vulnerability to cause a
denial of service.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
120510 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-9840
DESCRIPTION: zlib is vulnerable to a denial of service, caused by
out-of-bounds pointer arithmetic in inftrees.c. By persuading a victim to open
a specially crafted document, a remote attacker could exploit this
vulnerability to cause a denial of service.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
120508 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-10165
DESCRIPTION: Little CMS is vulnerable to a denial of service, caused by an
out-of-bounds read in Type_MLU_Read function in cmstypes.c. By using a
specially-crafted image, a remote attacker could exploit this vulnerability to
cause the application to crash or obtain sensitive information.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
127028 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)

CVEID: CVE-2018-1902
DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could
allow a remote attacker to spoof connection information which could be used to
launch further attacks against the system. IBM X-Force ID: 152531.
CVSS Base score: 3.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
152531 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N)

CVEID: CVE-2019-4555
DESCRIPTION: IBM Cognos Analytics is vulnerable to cross-site scripting. This
vulnerability allows users to embed arbitrary JavaScript code in the Web UI,
thus altering the intended functionality and potentially leading to credentials
disclosure within a trusted session.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
166204 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

CVEID: CVE-2018-1890
DESCRIPTION: IBM SDK, Java Technology Edition Version 8 on the AIX platform
uses absolute RPATHs which may facilitate code injection and privilege
elevation by local users.
CVSS Base score: 5.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
152081 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L)

CVEID: CVE-2018-12547
DESCRIPTION: Eclipse OpenJ9 is vulnerable to a buffer overflow, caused by
improper bounds checking by the jio_snprintf() and jio_vsnprintf() functions.
By sending an overly long argument, a remote attacker could overflow a buffer
and execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
157512 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2019-2426
DESCRIPTION: An unspecified vulnerability related to the Java SE Networking
component could allow an unauthenticated attacker to obtain sensitive
information resulting in a low confidentiality impact using unknown attack
vectors.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
155744 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2019-4046
DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is
vulnerable to a denial of service, caused by improper handling of request
headers. A remote attacker could exploit this vulnerability to cause the
consumption of memory. IBM X-Force ID: 156242.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/
156242 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-3736
DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive
information, caused by a carry propagation flaw in the x86_64 Montgomery
squaring function bn_sqrx8x_internal(). An attacker with online access to an
unpatched system could exploit this vulnerability to obtain information about
the private key.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/134397 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2018-2952
DESCRIPTION: An unspecified vulnerability related to the Java SE Concurrency
component could allow an unauthenticated attacker to cause a denial of service
resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/146815 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-0705
DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a
double-free error when parsing DSA private keys.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/111140 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-1517
DESCRIPTION: A flaw in the java.math component in IBM SDK, Java Technology
Edition may allow an attacker to inflict a denial-of-service attack with
specially crafted String data.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/141681 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2018-1656
DESCRIPTION: The IBM Java Runtime Environment's Diagnostic Tooling Framework
for Java (DTFJ) does not protect against path traversal attacks when extracting
compressed dump files.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/144882 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)
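
CVE-2018-1656 above is the archive-extraction variant of path traversal: a member name such as "../../.ssh/authorized_keys" in a compressed dump is written relative to the destination without checking where it lands. The Python below is an added example for this bulletin, not DTFJ's or the IBM SDK's code, showing the check an extractor must make: resolve every member name under the destination and refuse any that is absolute or escapes it after normalisation. The archive is built in memory by the script (build_sample_archive()) and all member names in it are constructed for the demonstration.

```python
"""Archive extraction that refuses path-traversal ("zip slip") members.

Added example for this bulletin, not DTFJ's or the IBM SDK's code. The
archive is built in memory by build_sample_archive() and every member name
in it is constructed for the demonstration.
"""
import io
import os
import tempfile
import zipfile
from typing import Dict, List, Optional, Tuple


def build_sample_archive() -> bytes:
    """Constructed test data: one benign dump member and two hostile names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("core.20191220/heap.txt", "benign dump content\n")
        zf.writestr("../../.ssh/authorized_keys", "ssh-ed25519 AAAA... attacker\n")
        zf.writestr("/etc/cron.d/backdoor", "* * * * * root /tmp/x\n")
    return buf.getvalue()


def resolve_member(dest: str, name: str) -> Optional[str]:
    """Return the absolute path `name` would land on, or None if it escapes dest.

    Absolute names are rejected outright. Relative names are joined to the
    destination and normalised with realpath, then checked with commonpath,
    so a '..' sequence that climbs above dest is caught after normalisation
    rather than by pattern-matching the raw name.
    """
    if name.startswith(("/", "\\")) or os.path.isabs(name):
        return None
    dest_real = os.path.realpath(dest)
    target = os.path.realpath(os.path.join(dest_real, name))
    if os.path.commonpath([dest_real, target]) != dest_real:
        return None
    return target


def extract_safely(archive_bytes: bytes, dest: str) -> Tuple[List[str], List[str]]:
    """Extract members that resolve under dest; return (extracted, rejected)."""
    extracted: List[str] = []
    rejected: List[str] = []
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for info in zf.infolist():
            target = resolve_member(dest, info.filename)
            if target is None:
                rejected.append(info.filename)
                continue
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            extracted.append(info.filename)
    return extracted, rejected


def demo_extract() -> Dict[str, object]:
    """Run the sample archive through extract_safely() into a fresh temp dir
    and report what was written, as seen by walking the directory afterwards."""
    dest = os.path.realpath(tempfile.mkdtemp(prefix="dtfj-demo-"))
    extracted, rejected = extract_safely(build_sample_archive(), dest)
    on_disk: List[str] = []
    for dirpath, _dirs, files in os.walk(dest):
        for name in files:
            on_disk.append(os.path.relpath(os.path.join(dirpath, name), dest))
    return {"dest": dest, "extracted": extracted, "rejected": rejected,
            "on_disk": sorted(on_disk)}


if __name__ == "__main__":
    result = demo_extract()
    print("extracted:", result["extracted"])
    print("rejected: ", result["rejected"])
```

Python's own ZipFile.extractall() already strips leading separators and '..' components, so the explicit check matters most where an extractor walks the archive itself, as the JVM-side tooling in this advisory does; the realpath-then-commonpath pattern transfers directly to Java's Path.normalize()/startsWith().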

CVEID: CVE-2018-2973
DESCRIPTION: An unspecified vulnerability related to the Java SE JSSE component
could allow an unauthenticated attacker to cause a high integrity impact, with
no confidentiality or availability impact.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/146835 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID: CVE-2018-12539
DESCRIPTION: Eclipse OpenJ9 could allow a local attacker to gain elevated
privileges on the system, caused by the failure to restrict the use of Java
Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and
use Attach API operations to only the process owner. An attacker could exploit
this vulnerability to execute untrusted native code and gain elevated
privileges on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/148389 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2018-2800
DESCRIPTION: An unspecified vulnerability related to the Java SE RMI component
could allow an unauthenticated attacker to cause a low confidentiality impact
and a low integrity impact, with no availability impact.
CVSS Base score: 4.2
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/141956 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N)

CVEID: CVE-2018-2795
DESCRIPTION: An unspecified vulnerability related to the Java SE Security
component could allow an unauthenticated attacker to cause a denial of service
resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/141951 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-2796
DESCRIPTION: An unspecified vulnerability related to the Java SE Concurrency
component could allow an unauthenticated attacker to cause a denial of service
resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/141952 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-2797
DESCRIPTION: An unspecified vulnerability related to the Java SE JMX component
could allow an unauthenticated attacker to cause a denial of service resulting
in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/141953 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-2798
DESCRIPTION: An unspecified vulnerability related to the Java SE AWT component
could allow an unauthenticated attacker to cause a denial of service resulting
in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/141954 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-2799
DESCRIPTION: An unspecified vulnerability related to the Java SE JAXP component
could allow an unauthenticated attacker to cause a denial of service resulting
in a low availability impact using unknown attack vectors.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/141955 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2018-2783
DESCRIPTION: An unspecified vulnerability related to the Java SE Security
component could allow an unauthenticated attacker to cause a high
confidentiality impact and a high integrity impact, with no availability impact.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/141939 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)

CVEID: CVE-2018-2790
DESCRIPTION: An unspecified vulnerability related to the Java SE Security
component could allow an unauthenticated attacker to cause a low integrity
impact, with no confidentiality or availability impact.
CVSS Base score: 3.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/141946 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N)

CVEID: CVE-2019-2602
DESCRIPTION: An unspecified vulnerability related to the Java SE Libraries
component could allow an unauthenticated attacker to cause a denial of service
resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/159698 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

IBM Cognos Analytics 11.1

IBM Cognos Analytics 11.0

Remediation/Fixes

The recommended solution is to apply the fix for the versions listed as soon as
practical.

IBM Cognos Analytics 11.1.4.0

IBM Cognos Analytics 11.0.13 Fix Pack 3

Workarounds and Mitigations

None

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----