-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.1485
      Multiple vulnerabilities have been identified in IBM Cognos TM1
                             2 September 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Cognos TM1
Publisher:         IBM
Operating System:  AIX
                   HP-UX
                   Linux variants
                   Solaris
                   Windows
Impact/Access:     Access Privileged Data         -- Remote/Unauthenticated
                   Provide Misleading Information -- Remote/Unauthenticated
                   Denial of Service              -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-0877 CVE-2014-0863 CVE-2014-0411
                   CVE-2014-0224 CVE-2013-4322 

Reference:         ASB-2014.0069.2
                   ASB-2014.0068
                   ASB-2014.0005
                   ESB-2014.0887
                   ESB-2014.0468
                   ESB-2013.0995
                   ESB-2013.0924
                   ESB-2013.0667

Original Bulletin: 
   http://www-01.ibm.com/support/docview.wss?uid=swg21682395
   http://www-01.ibm.com/support/docview.wss?uid=swg21682398
   http://www-01.ibm.com/support/docview.wss?uid=swg21682397
   http://www-01.ibm.com/support/docview.wss?uid=swg21682399
   http://www-01.ibm.com/support/docview.wss?uid=swg21682396

Comment: This bulletin contains five (5) IBM security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: IBM Cognos TM1 is affected by security vulnerability
CVE-2014-0877

Document information

More support for:
Cognos TM1

Software version:
10.2, 10.2.2

Operating system(s):
AIX, HP-UX, Linux, Solaris, Windows

Reference #:
1682395

Modified date:
2014-08-29

Security Bulletin

Summary

The link generated when opening the Rights page for an application can be
opened anywhere, without the need to log in.

Vulnerability Details

CVE-ID: CVE-2014-0877
CVSS Base Score: 4
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/91064 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:P/A:N)

Affected Products and Versions

IBM Cognos TM1 10.2.0.2
IBM Cognos TM1 10.2.2

Remediation/Fixes

The recommended solution is to apply the fix in the versions listed as
soon as practical:
10.2.0.2 IF1
10.2.2.0 IF1

References
Complete CVSS Guide
On-line Calculator V2

Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency
and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT
WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING
THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- -----------
Security Bulletin: IBM Cognos TM1 is affected by the following OpenSSL
vulnerabilities: CVE-2014-0224

Document information

More support for:
Cognos TM1

Software version:
9.5.2, 10.1.1, 10.2, 10.2.2

Operating system(s):
AIX, HP-UX, Linux, Solaris, Windows

Reference #:
1682398

Modified date:
2014-08-29

Security Bulletin

Summary

Security vulnerabilities have been discovered in OpenSSL that were reported
on June 5, 2014 by the OpenSSL Project.

Vulnerability Details

CVE-ID: CVE-2014-0224
DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused
by the use of weak keying material in SSL/TLS clients and servers. A
remote attacker could exploit this vulnerability using a specially-crafted
handshake to conduct man-in-the-middle attacks to decrypt and modify traffic.

CVSS Base Score: 5.8
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/93586 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N)

Affected Products and Versions

IBM Cognos TM1 9.5.2.3
IBM Cognos TM1 10.1.1.2
IBM Cognos TM1 10.2.0.2
IBM Cognos TM1 10.2.2

Remediation/Fixes

The recommended solution is to apply the fix in the versions listed as
soon as practical:
9.5.2.3 IF5
10.1.1.2 IF1
10.2.0.2 IF1
10.2.2.0 IF1

Workarounds and Mitigations

None known

References
Complete CVSS Guide
On-line Calculator V2

OpenSSL Project vulnerability website

Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency
and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT
WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING
THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- ------
Security Bulletin: IBM Cognos TM1 is affected by the following vulnerability:
CVE-2014-0863

Document information

More support for:
Cognos TM1

Software version:
9.5.2, 10.1.1, 10.2, 10.2.2

Operating system(s):
AIX, HP-UX, Linux, Solaris, Windows

Reference #:
1682397

Modified date:
2014-08-29

Security Bulletin

Summary

A security vulnerability has been discovered in IBM Cognos TM1 that results
in unencrypted passwords being left in memory on the client.

Vulnerability Details

CVE-ID: CVE-2014-0863
CVSS Base Score: 4.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/90937 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:N/A:N)

An obfuscated password in the TM1 application can be retrieved. Testers
were able to use a security tool to obtain the password for a database user.

Affected Products and Versions

IBM Cognos TM1 9.5.2.3
IBM Cognos TM1 10.1.1.2
IBM Cognos TM1 10.2.0.2
IBM Cognos TM1 10.2.2

Remediation/Fixes

The recommended solution is to apply the fix in the versions listed as
soon as practical:
9.5.2.3 IF5
10.1.1.2 IF1
10.2.0.2 IF1
10.2.2.0 IF1

References
Complete CVSS Guide
On-line Calculator V2

Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency
and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT
WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING
THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- ---

Security Bulletin: IBM Cognos TM1 is affected by the following Tomcat
vulnerability: CVE-2013-4322

Document information

More support for:
Cognos TM1

Software version:
10.1.1, 10.2.2

Operating system(s):
AIX, HP-UX, Linux, Solaris, Windows

Reference #:
1682399

Modified date:
2014-08-29

Security Bulletin

Summary

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10
processes chunked transfer coding without properly handling (1) a large
total amount of chunked data or (2) whitespace characters in an HTTP
header value within a trailer field, which allows remote attackers to
cause a denial of service by streaming data.
NOTE: this vulnerability exists because of an incomplete fix for
CVE-2012-3544.
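The two failure modes named in the summary above, an unbounded total amount of chunk data and unbounded whitespace inside a trailer header value, are both limit-enforcement defects in a chunked-body decoder. The following Python decoder is an added example written for this bulletin; it is not Tomcat's code and not part of IBM's advisory. It shows the defensive shape a decoder needs: count every raw byte of chunk data and of each trailer line (whitespace included) against a limit before any parsing or trimming, and abort as soon as the limit is passed. The `max_body` and `max_trailer` parameters, the `ChunkedError` type and the sample inputs are constructed for illustration.

```python
from typing import Dict, Tuple


class ChunkedError(ValueError):
    """Raised when a chunked body is malformed or exceeds a configured limit."""


def decode_chunked(data: bytes, max_body: int = 1 << 20,
                   max_trailer: int = 8192) -> Tuple[bytes, Dict[str, str]]:
    """Decode an HTTP/1.1 chunked transfer-coded body into (body, trailers).

    The running total of chunk data is checked against max_body before a
    chunk is copied, and the trailer section is charged for every raw byte
    on the wire (including whitespace in header values) before the line is
    parsed, so a stream that never ends cannot make the decoder buffer
    without bound.
    """
    pos = 0
    body = bytearray()
    while True:
        eol = data.find(b"\r\n", pos)
        if eol < 0:
            raise ChunkedError("truncated chunk-size line")
        # Chunk extensions (";name=value") are ignored for size purposes.
        size_field = data[pos:eol].split(b";", 1)[0].strip()
        try:
            size = int(size_field, 16)
        except ValueError:
            raise ChunkedError("invalid chunk size %r" % size_field) from None
        pos = eol + 2
        if size == 0:
            break  # last-chunk; trailer section follows
        if len(body) + size > max_body:
            raise ChunkedError("chunked body exceeds %d bytes" % max_body)
        chunk = data[pos:pos + size]
        if len(chunk) != size:
            raise ChunkedError("truncated chunk data")
        body += chunk
        pos += size
        if data[pos:pos + 2] != b"\r\n":
            raise ChunkedError("missing CRLF after chunk data")
        pos += 2

    trailers: Dict[str, str] = {}
    trailer_bytes = 0
    while True:
        eol = data.find(b"\r\n", pos)
        if eol < 0:
            raise ChunkedError("truncated trailer section")
        line = data[pos:eol]
        # Charge the raw line length (plus CRLF) BEFORE stripping anything:
        # a value padded with whitespace must count in full.
        trailer_bytes += len(line) + 2
        if trailer_bytes > max_trailer:
            raise ChunkedError("trailer section exceeds %d bytes" % max_trailer)
        pos = eol + 2
        if not line:
            break  # empty line terminates the trailer section
        name, sep, value = line.partition(b":")
        if not sep or not name.strip():
            raise ChunkedError("malformed trailer header line %r" % line)
        trailers[name.strip().lower().decode("ascii")] = value.strip().decode("latin-1")
    return bytes(body), trailers


def check(sample: bytes, **limits):
    """Return ('ok', body, trailers) or ('rejected', reason) for a sample body."""
    try:
        body, trailers = decode_chunked(sample, **limits)
        return ("ok", body, trailers)
    except ChunkedError as exc:
        return ("rejected", str(exc))


# Constructed sample inputs (not captured traffic).
GOOD = (b"4\r\nWiki\r\n5\r\npedia\r\n0\r\n"
        b"Expires: Wed, 21 Oct 2015 07:28:00 GMT\r\n\r\n")
# Trailer whose header value is padded with a long run of whitespace.
PADDED_TRAILER = b"0\r\nX-Trailer: " + b" " * 10000 + b"v\r\n\r\n"
# Body larger than the configured cap.
OVERSIZED = b"4\r\nWiki\r\n0\r\n\r\n"

if __name__ == "__main__":
    print(check(GOOD))
    print(check(PADDED_TRAILER, max_trailer=8192))
    print(check(OVERSIZED, max_body=3))
```

The padded-trailer case is the one the advisory describes: a decoder that trims or skips whitespace before counting it would accept an arbitrarily long value, while this one rejects it once the raw byte count passes `max_trailer`.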

Vulnerability Details

CVE-ID: CVE-2013-4322
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/91625 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Affected Products and Versions

IBM Cognos TM1 10.1.1.2
IBM Cognos TM1 10.2.2

Remediation/Fixes

The recommended solution is to apply the fix in the versions listed as
soon as practical:
10.1.1.2 IF1
10.2.2.0 IF1

References
Complete CVSS Guide
On-line Calculator V2

Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency
and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT
WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING
THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- -----
Security Bulletin: IBM Java Quarterly CPU - Jan 2014 affecting IBM Cognos
TM1 (CVE-2014-0411)

Security Bulletin

More support for:
Cognos TM1

Software version:
9.5.2, 10.1.1, 10.2, 10.2.2

Operating system(s):
AIX, HP-UX, Linux, Solaris, Windows

Reference #:
1682396

Modified date:
2014-08-29

Summary

Timing differences based on validity of TLS messages can be exploited
to decrypt the entire session. The exploit is not trivial, requiring a
man-in-the-middle position and a long time to complete.

Vulnerability Details

CVE-ID: CVE-2014-0411
CVSS Base Score: 4
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/90357 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)

Affected Products and Versions

IBM Cognos TM1 9.5.2.3
IBM Cognos TM1 10.1.1.2
IBM Cognos TM1 10.2.0.2
IBM Cognos TM1 10.2.2

Remediation/Fixes

The recommended solution is to apply the fix in the versions listed as
soon as practical:
9.5.2.3 IF5
10.1.1.2 IF1
10.2.0.2 IF1
10.2.2.0 IF1

References
Complete CVSS Guide
On-line Calculator V2

Related information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency
and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT
WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING
THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----