IBM Support

Security Bulletin: IBM Cloud Private is vulnerable to Kibana vulnerabilities (CVE-2020-7015, CVE-2020-7013, CVE-2020-7012)

Security Bulletin


Summary

IBM Cloud Private is vulnerable to Kibana vulnerabilities

Vulnerability Details

CVEID:   CVE-2020-7015
DESCRIPTION:   Elastic Kibana is vulnerable to cross-site scripting, caused by improper validation of user-supplied input in TSVB visualization. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/182944 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID:   CVE-2020-7013
DESCRIPTION:   Elastic Kibana could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in TSVB . By sending a specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code in the context of Kibana process on the host system.
CVSS Base score: 8.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/182942 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2020-7012
DESCRIPTION:   Elastic Kibana could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the Upgrade Assistant. By sending a specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code in the context of Kibana process on the host system.
CVSS Base score: 8.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/182941 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s)Version(s)
IBM Cloud Private3.2.1 CD
IBM Cloud Private3.2.2 CD

Remediation/Fixes

Product defect fixes and security updates are only available for the two most recent Continuous Delivery (CD) update packages

  • IBM Cloud Private 3.2.1
  • IBM Cloud Private 3.2.2

  

For IBM Cloud Private 3.2.1, apply Aug fix pack:

 

For IBM Cloud Private 3.2.2, apply Aug fix pack:

  

For IBM Cloud Private 3.1.0, 3.1.1, 3.1.2, 3.2.0:

  • Upgrade to the latest Continuous Delivery (CD) update package, IBM Cloud Private 3.2.2.2008. 
  • If required, individual product fixes can be made available between CD update packages for resolution of problems. Contact IBM support for assistance

 

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

References

Off

Change History

27 Sep 2020: Initial Publication

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Document Location

Worldwide

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSBS6K","label":"IBM Cloud Private"},"Component":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"all","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
27 September 2020

UID

ibm16338541