Security vulnerabilities have been identified in IBM Watson Explorer Analytical Components, Watson Explorer Foundational Components Annotation Administration Console, IBM Watson Content Analytics, IBM Content Analytics, and OmniFind Enterprise Edition. Not all vulnerabilites affect all products and versions.
CVEID: CVE-2016-0359
DESCRIPTION: IBM WebSphere Application Server is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning, cross-site scripting, and possibly obtain sensitive information.
CVSS Base Score: 6.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111929 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
CVEID: CVE-2016-3092
DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/114336 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2016-3485
DESCRIPTION: An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the Networking component has no confidentiality impact, low integrity impact, and no availability impact.
CVSS Base Score: 2.9
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/115273 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
To see which vulnerabilities apply to your product and version, see the applicable row in the following table.
Affected Product
| Affected Versions | Applicable Vulnerabilities |
Watson Explorer Analytical Components | 11.0.0.0 - 11.0.0.3, 11.0.1.0 | CVE-2016-3092
CVE-2016-0359
CVE-2016-3485 |
Watson Explorer Analytical Components | 10.0.0.0 - 10.0.0.2 | CVE-2016-3092
CVE-2016-0359
CVE-2016-3485 |
IBM Watson Explorer Foundational Components Annotation Administration Console | 11.0.0.0 - 11.0.0.3, 11.0.1.0 | CVE-2016-3092
CVE-2016-0359
CVE-2016-3485 |
IBM Watson Explorer Foundational Components Annotation Administration Console | 10.0.0.0 - 10.0.0.2 | CVE-2016-3092
CVE-2016-0359
CVE-2016-3485 |
Watson Content Analytics | 3.5.0.0 - 3.5.0.3 | CVE-2016-3092
CVE-2016-0359
CVE-2016-3485 |
IBM Content Analytics | 3.0.0.0 - 3.0.0.6 | CVE-2016-3092
CVE-2016-3485 |
IBM OmniFind Enterprise Edition | 9.1.0.0 - 9.1.0.5 | CVE-2016-3092 |
IBM Content Analytics | 2.2.0.0 - 2.2.0.3 | CVE-2016-3092 |
For information about fixes, see the applicable row in the following table. The table reflects product names at the time the specified versions were released. To use the links to Fix Central in this table, you must first log in to the IBM Support: Fix Central site at http://www.ibm.com/support/fixcentral/.
Affected Product | Affected Versions | Vulnerability | Fix |
Watson Explorer Analytical Components | 11.0.0.0 - 11.0.0.3, 11.0.1 | CVE-2016-3092
CVE-2016-0359
CVE-2016-3485 | Upgrade to Watson Explorer Analytical Components Version 11.0.2. For information about this version, and links to the software and release notes, see the download document. For information about upgrading, see the upgrade procedures. |
IBM Watson Explorer Foundational Components Annotation Administration Console | 11.0.0.0 - 11.0.0.3, 11.0.1 | CVE-2016-3092
CVE-2016-0359
CVE-2016-3485 | Upgrade to Watson Explorer Foundational Components Annotation Administration Console Version 11.0.2. For information about this version, and links to the software and release notes, see the download document. For information about upgrading, see the upgrade procedures. |
Watson Explorer Analytical Components | 10.0.0.0 - 10.0.0.2 | CVE-2016-3092 |
- If not already installed, install V10.0 Fix Pack 2 (see the Fix Pack download document).
- Download the package from Fix Central: interim fix 10.0.0.2-WS-WatsonExplorer-AEAnalytical-IF002 or later.
- To install the fix, see http://www.ibm.com/support/docview.wss?uid=swg21996334.
|
Watson Explorer Analytical Components | 10.0.0.0 - 10.0.0.2 | CVE-2016-3485 |
- If not already installed, install V10.0 Fix Pack 2 (see the Fix Pack download document).
If you upgrade to Version 10.0.0.2 after you update IBM Java Runtime, your changes are lost and you must repeat the steps.
- Download the 32-bit (or 31-bit, if you use Linux on System z) and 64-bit packages of IBM Java Runtime, Version 7 package for your edition (Enterprise or Advanced) and operating system from Fix Central: interim fix 10.0.0.2-WS-WatsonExplorer-<Edition>Analytical-<OS>[32|31]-7SR9FP60 or later. For example, 10.0.0.2-WS-WatsonExplorer-AEAnalytical-Linux-7SR9FP60 and 10.0.0.2-WS-WatsonExplorer-AEAnalytical-Linux32-7SR9FP60.
- To apply the fix, follow the steps in Updating IBM Java Runtime.
- Rename $ES_INSTALL_ROOT/lib/activation.jar
to activation.jar.orig
|
Watson Explorer Analytical Components | 10.0.0.0 - 10.0.0.2 | CVE-2016-0359 | Important: Perform these steps as a Watson Explorer Analytical Components administrative user, typically esadmin.
- If not already installed, install V10.0 Fix Pack 2 (see the Fix Pack download document).
- Download the package from Fix Central: interim fix 10.0.0.2-WS-WatsonExplorer-AEAnalytical-IF002 or later and extract the contents of the fix into a temporary directory.
- Stop Watson Explorer Analytical Components.
- Overwrite the old version of esctrl.jar with the fixed version in the $ES_INSTALL_ROOT/lib directory.
- Remove or rename the $ES_INSTALL_ROOT/wlp directory.
- Extract wlp-core-embeddable-16.0.0.3.zip in the $ES_INSTALL_ROOT directory. The wlp directory is created. For example, $ unzip wlp-core-embeddable-16.0.0.3.zip -d $ES_INSTALL_ROOT
- Run the fix for WebSphere Application Server Liberty profile, 16003-wlp-archive-IFPI62375.jar. For example, $ java -jar 16003-wlp-archive-IFPI62375.jar --installLocation $ES_INSTALL_ROOT/wlp
- Note: When you run the fix, use the JVM for which the major version is same as the version that is used by Watson Explorer, and the minor version is the latest minor version. For example, Java 7.0.9.60 for Watson Explorer V10.
- Using a text editor, set the $ES_INSTALL_ROOT/configurations/interfaces/indexservice__interface.ini classpath to be:
classpath=es.indexservice.jar,antlr-2.7.2.jar,cloudscape/lib/derbyclient.jar,cloudscape/lib/derby.jar,an_icm.jar,es.dock.jar,oze_search.jar,wlp/dev/api/spec/com.ibm.ws.javaee.servlet.3.0_1.0.14.jar,es.rdf.jar,bcprov-jdk15-1.44.jar,fontbox-1.8.8.jar,jempbox-1.8.8.jar,pdfbox-1.8.8.jar
- The new classpath replaces:
classpath=es.indexservice.jar,antlr-2.7.2.jar,cloudscape/lib/derbyclient.jar,cloudscape/lib/derby.jar,an_icm.jar,es.dock.jar,oze_search.jar,wlp/dev/api/spec/com.ibm.ws.javaee.servlet.3.0_1.0.1.jar,es.rdf.jar,bcprov-jdk15-1.44.jar,fontbox-1.8.8.jar,jempbox-1.8.8.jar,pdfbox-1.8.8.jar
- After saving the changes, restart Watson Explorer Analytical Components.
|
IBM Watson Explorer Foundational Components Annotation Administration Console | 10.0 - 10.0.0.2 | CVE-2016-3092 |
- If not already installed, install V10.0 Fix Pack 2 (see the Fix Pack download document).
- Download the package from Fix Central: interim fix 10.0.0.2-WS-WatsonExplorer-<edition>FoundationalAAC-IF002 or later.
- To install the fix, see http://www.ibm.com/support/docview.wss?uid=swg21996334.
|
IBM Watson Explorer Foundational Components Annotation Administration Console | 10.0 - 10.0.0.2 | CVE-2016-3485
|
- If not already installed, install V10.0 Fix Pack 2 (see the Fix Pack download document).
If you upgrade to Version 10.0.0.2 after you update IBM Java Runtime, your changes are lost and you must repeat the steps.
- Download the 32-bit and 64-bit packages of IBM Java Runtime, Version 7 for your edition (Enterprise or Advanced) and your operating system from Fix Central: 10.0.0.2-WS-WatsonExplorer-AEFoundationallAAC-<OS>[32]-7SR9FP60 or later. For example, 10.0.0.2-WS-WatsonExplorer-AEFoundationalAAC-Linux-7SR9FP60 and 10.0.0.2-WS-WatsonExplorer-AEFoundationalAAC-Linux32-7SR9FP60.
- To apply the fix, follow the steps in Updating IBM Java Runtime.
- Rename $ES_INSTALL_ROOT/lib/activation.jar
to activation.jar.orig
|
IBM Watson Explorer Foundational Components Annotation Administration Console | 10.0 - 10.0.0.2 | CVE-2016-0359
| Important: Perform these steps as a Watson Explorer Annotation Administration Console administrative user, typically esadmin.
- If not already installed, install V10.0 Fix Pack 2 (see the Fix Pack download document).
- Download the package from Fix Central: interim fix 10.0.0.2-WS-WatsonExplorer-<edition>FoundationalAAC-IF002 or later and extract the contents of the fix into a temporary directory.
- Stop Watson Explorer Annotation Administration Console.
- Overwrite the old version of esctrl.jar with the fixed version in the $ES_INSTALL_ROOT/lib directory.
- Remove or rename the $ES_INSTALL_ROOT/wlp directory.
- Extract wlp-core-embeddable-16.0.0.3.zip in the $ES_INSTALL_ROOT directory. The wlp directory is created. For example, $ unzip wlp-core-embeddable-16.0.0.3.zip -d $ES_INSTALL_ROOT
- Run the fix for WebSphere Application Server Liberty profile, 16003-wlp-archive-IFPI62375.jar. For example, $ java -jar 16003-wlp-archive-IFPI62375.jar --installLocation $ES_INSTALL_ROOT/wlp
- Note: When you run the fix, use the JVM for which the major version is same as the version that is used by Watson Explorer, and the minor version is the latest minor version. For example, Java 7.0.9.60 for Watson Explorer V10.
- Using a text editor, set the $ES_INSTALL_ROOT/configurations/interfaces/indexservice__interface.ini classpath to be:
classpath=es.indexservice.jar,antlr-2.7.2.jar,cloudscape/lib/derbyclient.jar,cloudscape/lib/derby.jar,an_icm.jar,es.dock.jar,oze_search.jar,wlp/dev/api/spec/com.ibm.ws.javaee.servlet.3.0_1.0.14.jar,es.rdf.jar,bcprov-jdk15-1.44.jar,fontbox-1.8.8.jar,jempbox-1.8.8.jar,pdfbox-1.8.8.jar
- The new classpath replaces:
classpath=es.indexservice.jar,antlr-2.7.2.jar,cloudscape/lib/derbyclient.jar,cloudscape/lib/derby.jar,an_icm.jar,es.dock.jar,oze_search.jar,wlp/dev/api/spec/com.ibm.ws.javaee.servlet.3.0_1.0.1.jar,es.rdf.jar,bcprov-jdk15-1.44.jar,fontbox-1.8.8.jar,jempbox-1.8.8.jar,pdfbox-1.8.8.jar
- After saving the changes, restart Annotation Administration Console.
|
Watson Content Analytics | 3.5.0.0 - 3.5.0.3 | CVE-2016-3092
CVE-2016-3485
CVE-2016-0359 | Upgrade to Watson Content Analytics Version 3.5.0.4. For information about this version, and links to the software and release notes, see the download document. For information about upgrading, see the upgrade procedures. |
IBM Content Analytics | 3.0.0.0 - 3.0.0.6 | CVE-2016-3092 |
- If not already installed, install V3.0 Fix Pack 6 (see the Fix Pack download document).
- Download the package from Fix Central: interim fix 3.0.0.6-WT-ICA-IF002.
- To install the fix, see http://www.ibm.com/support/docview.wss?uid=swg21996334.
|
IBM Content Analytics | 3.0.0.0 - 3.0.0.6 | CVE-2016-3485
|
- If not already installed, install V3.0 Fix Pack 6 (see the Fix Pack download document).
If you upgrade to Version 3.0.0.6 after you configure IBM Java Runtime, your changes are lost and you must repeat the steps.
- Download the 32-bit (or 31-bit, if you use Linux on System z) and 64-bit packages of IBM Java Runtime, Version 6 for your operating system from Fix Central: interim fix 3.0.0.6-WT-ICA-<OS>[32|31]-6SR16FP35 or later. For example, 3.0.0.6-WT-ICA-Linux-6SR16FP35 and 3.0.0.6-WT-ICA-Linux32-6SR16FP35.
- To apply the fix, follow the steps in Updating IBM Java Runtime.
- Rename $ES_INSTALL_ROOT/lib/activation.jar
to activation.jar.orig
|
IBM OmniFind Enterprise Edition | 9.1 - 9.1.0.5 | CVE-2016-3092 | Contact IBM Support. |
IBM Content Analytics | 2.2 - 2.2.0.3 | CVE-2016-3092 | Contact IBM Support. |
References
Off
20 December 2016: Fixes that address the applicable vulnerabilities are now available for Watson Explorer 11.0.0.0-11.0.0.3 and 11.0.1, Watson Explorer 10.0.0-10.0.0.2, Watson Content Analytics 3.5.0-3.5.0.4, and IBM Content Analytics 3.0.0-3.0.0.6.
5 October 2016: Original version published
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
[{"Product":{"code":"SS8NLW","label":"IBM Watson Explorer"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"--","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"10.0.0;10.0.0.1;10.0.0.2;10.0.0.3;11.0.0;11.0.0.1;11.0.0.2;11.0.0.3;11.0.1","Edition":"Advanced","Line of Business":{"code":"LOB10","label":"Data and AI"}},{"Product":{"code":"SS5RWK","label":"Content Analytics with Enterprise Search"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":" ","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"3.5;3.0;2.2","Edition":"All Editions","Line of Business":{"code":"LOB10","label":"Data and AI"}},{"Product":{"code":"SS5SQ7","label":"OmniFind Enterprise Edition"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":" ","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"9.1","Edition":"All Editions","Line of Business":{"code":"LOB10","label":"Data and AI"}}]