IBM Support

IBM Tivoli Monitoring Privileges Escalation through Authorization Bypass (IV77992)

Download


Abstract

This fix addresses a security vulnerability for remote code execution (CVE-2014-7411).

Download Description

This fix addresses the security vulnerability listed in the IBM Tivoli Monitoring Security Bulletin: http://www.ibm.com/support/docview.wss?uid=swg21973559.

The following patches are provided which remediate the vulnerability across the releases below:

VRMF    Fix
6.30    6.3.0-TIV-ITM-FP0006-IV77992
6.30    6.3.0-TIV-ITM-FP0005-IV77992
6.23    6.2.3-TIV-ITM-FP0005-IV77992
6.22    6.2.2-TIV-ITM-FP0009-IV77992

NOTE 1: The fix for IV77992 requires the patch be installed on the portal server. In addition to this, the patch needs to be installed on the systems where the tacmd CLI is installed and utilized. The CLI is installed as part of the "ue" component.

NOTE 2: The fix for IV77992 supersedes and includes the fix for IBM Tivoli Monitoring Remote Code Execution as addressed by APAR fix IV77742. Once the patch above for IV77992 is installed, the patch for IV77742 is not needed and should not be installed afterwards.

Prerequisites

The prerequisite levels for these fixes are as follows:

6.3.0-TIV-ITM-FP0006-IV77742 requires IBM Tivoli Monitoring, version 6.3.0 Fix Pack 6 (6.3.0-TIV-ITM-FP0006)
6.3.0-TIV-ITM-FP0005-IV77742 requires IBM Tivoli Monitoring, version 6.3.0 Fix Pack 5 (6.3.0-TIV-ITM-FP0005)
6.2.3-TIV-ITM-FP0005-IV77742 requires IBM Tivoli Monitoring, version 6.2.3 Fix Pack 5 (6.2.3-TIV-ITM-FP0005)
6.2.2-TIV-ITM-FP0009-IV77742 requires IBM Tivoli Monitoring, version 6.2.2 Fix Pack 9 (6.2.2-TIV-ITM-FP0009)


Installation Instructions

Refer to the README file located in Fix Central for additional information.

Change History

2016-02-29: Original Publish

2016-03-14: Corrected typo in "NOTE 2" for APAR IV77742.

2016-03-17: Added link for patch for 6.30 FP6.


Product Synonym

ITM

Document Information

Modified date:
15 June 2018

UID

swg24041532