Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2019.0338 Threat Intelligence Exchange Server update fixes an Exploitation of Authori zation vulnerability (CVE-2019-3641) (SB10303) 14 November 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: McAfee Threat Intelligence Exchange Server Operating System: Windows Impact/Access: Unauthorised Access -- Existing Account Modify Arbitrary Files -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2019-3641 Member content until: Saturday, December 14 2019 OVERVIEW Vulnerabilities have been identified in McAfee Threat Intelligence Exchange Server prior to version 3.0.0.[1] IMPACT The vendor has provided the following details regarding these issues: "CVE-2019-3641 Exploitation of Authorization vulnerability in McAfee Threat Intelligence Exchange Server (TIE Server) 3.0.0 allows authenticated OpenDXL clients that have been authorized to send messages to specific topics by the TIE administrator to modify stored reputation data via sending specially crafted messages. https://web.nvd.nist.gov/view/vuln/detailvulnId=CVE-2019-3641 https://cve.mitre.org/cgi-bin/cvename.cginame=CVE-2019-3641"[1] MITIGATION The vendor recommends updating to the latest version of McAfee Threat Intelligence Exchange Server. [1] REFERENCES [1] Threat Intelligence Exchange Server update fixes an Exploitation of Authorization vulnerability (CVE-2019-3641) (SB10303) https://kc.mcafee.com/corporate/index?page=content&id=SB10303 AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXcz+42aOgq3Tt24GAQg2bRAA15w2i0T2kW4DLmts4ilwg2gZL+EyeblR AGAva6NalfnSdl1zKrXLtEBX7dHkR7fuBd6MnU73LdjNiyCY8EpM38fEbZx8nmJx FYnvb6udm2Q7SDinkYLHrHzEXHr1KJrir9b6HndALIF3KCDY1FwNk3R2wMFrFoEC QHaeurpx+LYF69cwYWqqPoJCXKjIm3BfeXzM4UNXUPkGNjAv6uX0o12na/DgS5I4 f42D6d/O9W9BztNpA6EmgY4UpqPeTLtFIpWEDEDFzXSEGbA7nF+ihasNy8EXiAru kTkxUQzQJZLFuma5bRU26Ecl1mH+BixE+TWrIAc5xSwhDwNCHzrNVASs1UFzP+C0 8/r6RMnUX9+O0rbQtnzE1ZJUe7OF4uVNClvdMu3yuWfgmsee4mbnDF9hvPrMNHry vH0S2nyXMxebJwUgpFkHlAEQhU5bIe6qywEY+ctI/nYSWqerR4o6AxxeLS+4u+Z+ h1khsGvePsqIdpP2ZXeuIAwHyLyLzVyBswhvJJBCkn75ZnNsp0/t+aT3Tj0cp/2x Hzqp8Gh6ROAP8WzYHuaRAhRwa69Cm6k2Q5gmyjvujXwqYyOKkNsqlkyMvE2X5386 Zp40D58jjjOdkWtAu1fQUQ+/86CuGKeK2Qn/Zpq/dHdx8p3mwvPZ6t3zaAhP7RCr vn94dESRQhI= =opAO -----END PGP SIGNATURE-----