IBM Support

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application and IHS server

Security Bulletin


Summary

The following security issues have been identified in the WebSphere Application Server and IHS server included as part of IBM Tivoli Monitoring (ITM) portal server.

Vulnerability Details


CVEID: CVE-2017-1380
DESCRIPTION: IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base Score: 5.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/127151 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

 

CVEID: CVE-2017-7679
DESCRIPTION: Apache HTTPD could allow a remote attacker to obtain sensitive information, caused by a buffer overread in mod_mime. By sending a specially crafted Content-Type response header, a remote attacker could exploit this vulnerability to read one byte past the end of a buffer.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/127420 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

 

CVEID: CVE-2017-7668
DESCRIPTION: Apache HTTPD is vulnerable to a denial of service, caused by a buffer overread in the ap_find_token() function. By sending a specially crafted sequence of request headers, a remote attacker could exploit this vulnerability to cause a segmentation fault.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/127419 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-7659
DESCRIPTION: Apache HTTPD is vulnerable to a denial of service, caused by a NULL pointer dereference in the mod_http2 component. By sending a specially crafted HTTP/2 request, a remote attacker could exploit this vulnerability to cause the server process to crash.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/127418 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-3169
DESCRIPTION: Apache HTTPD is vulnerable to a denial of service, caused by a NULL pointer dereference in mod_ssl. By sending a specially crafted HTTP request to an HTTPS port, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/127417 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-3167
DESCRIPTION: Apache HTTPD could allow a remote attacker to bypass security restrictions, caused by the use of the ap_get_basic_auth_pw() function by third-party modules outside of the authentication phase. A remote attacker could exploit this vulnerability to bypass authentication requirements.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/127416 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

 


CVEID: CVE-2017-1501
DESCRIPTION: IBM WebSphere Application Server could provide weaker than expected security after using the Admin Console to update the web services security bindings settings.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/129576 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2011-4343
DESCRIPTION: Apache MyFaces could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability using specially crafted parameters to inject EL expressions into input fields mapped as view parameters and obtain sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/132287 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2017-1583
DESCRIPTION: IBM WebSphere Application Server could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/132342 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12618
DESCRIPTION: Apache Portable Runtime Utility (APR-util)is vulnerable to a denial of service, caused by failing to validate the integrity of SDBM database files used by apr_sdbm*() functions. By making a specially-crafted program or process, a local authenticated attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 5.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/134048 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

 

Affected Products and Versions

IBM Tivoli Monitoring versions 6.3.0 through 6.3.0 FP7 - Tivoli Enterprise Portal Server (TEPS) all CVEs above.

IBM Tivoli Monitoring versions 6.2.3 through 6.2.3 FP5 - Tivoli Enterprise Portal Server (TEPS) all CVE's except for CVE-2011-4343 and CVE-2017-1583

Remediation/Fixes

Portal Server-embedded WebSphere Application Server

 

 

Fix VMRF Remediation/First Fix
6.X.X-TIV-ITM_EWAS_ALL_8.00.14.01 6.3.0.x http://www.ibm.com/support/docview.wss?uid=swg24044586
Technote 6.2.3.x http://www.ibm.com/support/docview.wss?uid=swg21633720

Contains information and script which the details for downloading and installing the embedded WebSphere Application Server (eWAS) patches for IBM Tivoli Monitoring 6.23. The scripts provided are for supported unix, linux and windows platforms.

 

 

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

References

Off

Change History

2017/12/18 Initial Document created

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

[{"Product":{"code":"SSTFXA","label":"Tivoli Monitoring"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"ITM Tivoli Enterprise Portal Server V6","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"6.3.0.7;6.3.0.6;6.3.0.5;6.3.0.4;6.3.0.3;6.3.0.2;6.2.3.5;6.2.3.4;6.2.3.3;6.2.3.2;6.2.3.1;6.2.3","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
29 June 2018

UID

swg22011813