Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT Security Bulletin
ASB-2019.0338
Threat Intelligence Exchange Server update fixes an Exploitation of Authori
zation vulnerability (CVE-2019-3641) (SB10303)
14 November 2019
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: McAfee Threat Intelligence Exchange Server
Operating System: Windows
Impact/Access: Unauthorised Access -- Existing Account
Modify Arbitrary Files -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2019-3641
Member content until: Saturday, December 14 2019
OVERVIEW
Vulnerabilities have been identified in McAfee Threat Intelligence
Exchange Server prior to version 3.0.0.[1]
IMPACT
The vendor has provided the following details regarding these
issues:
"CVE-2019-3641
Exploitation of Authorization vulnerability in McAfee Threat
Intelligence Exchange Server (TIE Server) 3.0.0 allows authenticated
OpenDXL clients that have been authorized to send messages to
specific topics by the TIE administrator to modify stored reputation
data via sending specially crafted messages.
https://web.nvd.nist.gov/view/vuln/detailvulnId=CVE-2019-3641
https://cve.mitre.org/cgi-bin/cvename.cginame=CVE-2019-3641"[1]
MITIGATION
The vendor recommends updating to the latest version of McAfee
Threat Intelligence Exchange Server. [1]
REFERENCES
[1] Threat Intelligence Exchange Server update fixes an Exploitation of
Authorization vulnerability (CVE-2019-3641) (SB10303)
https://kc.mcafee.com/corporate/index?page=content&id=SB10303
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXcz+42aOgq3Tt24GAQg2bRAA15w2i0T2kW4DLmts4ilwg2gZL+EyeblR
AGAva6NalfnSdl1zKrXLtEBX7dHkR7fuBd6MnU73LdjNiyCY8EpM38fEbZx8nmJx
FYnvb6udm2Q7SDinkYLHrHzEXHr1KJrir9b6HndALIF3KCDY1FwNk3R2wMFrFoEC
QHaeurpx+LYF69cwYWqqPoJCXKjIm3BfeXzM4UNXUPkGNjAv6uX0o12na/DgS5I4
f42D6d/O9W9BztNpA6EmgY4UpqPeTLtFIpWEDEDFzXSEGbA7nF+ihasNy8EXiAru
kTkxUQzQJZLFuma5bRU26Ecl1mH+BixE+TWrIAc5xSwhDwNCHzrNVASs1UFzP+C0
8/r6RMnUX9+O0rbQtnzE1ZJUe7OF4uVNClvdMu3yuWfgmsee4mbnDF9hvPrMNHry
vH0S2nyXMxebJwUgpFkHlAEQhU5bIe6qywEY+ctI/nYSWqerR4o6AxxeLS+4u+Z+
h1khsGvePsqIdpP2ZXeuIAwHyLyLzVyBswhvJJBCkn75ZnNsp0/t+aT3Tj0cp/2x
Hzqp8Gh6ROAP8WzYHuaRAhRwa69Cm6k2Q5gmyjvujXwqYyOKkNsqlkyMvE2X5386
Zp40D58jjjOdkWtAu1fQUQ+/86CuGKeK2Qn/Zpq/dHdx8p3mwvPZ6t3zaAhP7RCr
vn94dESRQhI=
=opAO
-----END PGP SIGNATURE-----