Security Bulletin
Summary
Sweet32 vulnerability affects IBM Operations Analytics - Log Analysis. IBM Operations Analytics - Log Analysis have addressed the applicable CVE.
Vulnerability Details
CVEID: CVE-2016-2183
DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack.
CVSS Base Score: 3.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/116337 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
IBM Operations Analytics - Log Analysis version 1.3.2, 1.3.3, 1.3.3.1 and 1.3.5
Remediation/Fixes
Upgrade Instructions
1. Download the Fix JDK from fix central (ibm-java-sdk-8.0-4.1-linux-x86_64.tgz)
http://www-01.ibm.com/support/docview.wss?uid=swg24043270
At the bottom Download package section, click on Linux 64-bit x86 AMD/Intel Java SDK FC link
2. Copy the ibm-java-sdk-8.0-4.1-linux-x86_64.tgz to LA server and un-tar it into a temporary folder (/tmp)
and rename the directory from 'ibm-java-x86_64-80' to 'ibm-java'
/tmp> tar -xvf ibm-java-sdk-8.0-4.1-linux-x86_64.tgz
/tmp> mv ibm-java-x86_64-80 ibm-java
3. Stop Log Analysis
<LA_HOME>/utilities/unity,sh -stop
4. Take backup of <LA_HOME>/ibm-java folder
mv <LA_HOME>/ibm-java <LA_HOME>/ibm-java_back
5. Copy the ibm-java extracted in step 2 to <LA_HOME>
mv /tmp/ibm-java <LA_HOME>
6. Take a backup and replace the <LA_HOME>/ibm-java/jre/lib/security/cacerts file from backed up ibm-java folder.
mv <LA_HOME>/ibm-java/jre/lib/security/cacerts <LA_HOME>/ibm-java/jre/lib/security/cacerts_back
cp <LA_HOME>/ibm-java_back/jre/lib/security/cacerts <LA_HOME>/ibm-java/jre/lib/security/
7. Start Log Analysis
<LA_HOME>/utilities/unity,sh -start
Rollback Instructions
1. Stop Log Analysis
<LA_HOME>/utilities/unity,sh -stop
2. Backup of <LA_HOME>/ibm-java folder
mv <LA_HOME>/ibm-java <LA_HOME>/ibm-java_8.0-4.1
3. Restore original IBM Java
mv <LA_HOME>/ibm-java_back <LA_HOME>/ibm-java
4. Restore the original <LA_HOME>/ibm-java/jre/lib/security/cacerts file from backed up ibm-java folder.
mv <LA_HOME>/ibm-java/jre/lib/security/cacerts <LA_HOME>/ibm-java/jre/lib/security/cacerts_back
cp <LA_HOME>/ibm-java_8.0-4.1/jre/lib/security/cacerts <LA_HOME>/ibm-java/jre/lib/security/
5. Start Log Analysis
<LA_HOME>/utilities/unity,sh -start
Get Notified about Future Security Bulletins
References
Change History
8 November 2018: Original version published
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.
Was this topic helpful?
Document Information
Modified date:
08 November 2018
UID
ibm10737365