-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.2343
          Security Bulletin: Multiple vulnerabilities affect IBM
          Omni-Channel Marketing products and IBM Watson products
                              6 October 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Omni-Channel Marketing products
                   IBM Watson products
Publisher:         IBM
Operating System:  AIX
                   Linux variants
                   Solaris
                   Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated      
                   Modify Arbitrary Files          -- Existing Account            
                   Cross-site Request Forgery      -- Remote with User Interaction
                   Denial of Service               -- Remote/Unauthenticated      
                   Access Confidential Data        -- Remote/Unauthenticated      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-5986 CVE-2016-5983 CVE-2016-3485
                   CVE-2016-3092 CVE-2016-0377 CVE-2016-0359

Reference:         ASB-2016.0074
                   ESB-2016.1583

Original Bulletin: 
   http://www.ibm.com/support/docview.wss?uid=swg21991738
   http://www.ibm.com/support/docview.wss?uid=swg21990062

Comment: This bulletin contains two (2) IBM security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: Security vulnerabilities have been identified in WebSphere
Application Server shipped with IBM Omni-Channel Marketing products suite
(CVE-2016-0377, CVE-2016-5983, CVE-2016-5986)

Security Bulletin

Document information

More support for:

IBM Campaign

Configuration

Software version:

8.6, 9.0, 9.1, 9.1.1, 9.1.2, 10.0

Operating system(s):

AIX, Linux, Solaris, Windows

Reference #:

1991738

Modified date:

2016-10-05

Summary

IBM WebSphere Application Server variants are shipped with the IBM Omni-Channel
Marketing products suite. Information about security vulnerabilities affecting
WebSphere Application Server has been published in the security bulletins
listed in the Remediation/Fixes section below.

Vulnerability Details

Refer to the security bulletin listed in the Remediation/Fixes section.

Affected Products and Versions

IBM Campaign : 8.6 - 10.0

IBM Contact Optimization : 8.6 - 10.0

IBM Distributed Marketing : 8.6 - 10.0

IBM Marketing Operations : 8.6 - 10.0

IBM Opportunity Detect : 9.1 - 10.0

IBM Interact : 8.6 - 10.0

IBM Interact Advanced Patterns : 9.1.1 - 10.0

IBM Predictive Insight : 8.6 - 9.0

IBM Leads : 8.6 - 9.1.1

Remediation/Fixes

Refer to the following security bulletins for vulnerability details and fix
information for the IBM WebSphere Application Server versions shipped with the
IBM Omni-Channel Marketing products suite.

Principal Product and Version(s)                Affected Supporting Product and Version             Affected Supporting Product Security Bulletin
IBM Campaign : 9.1.1 - 10.0                     IBM WebSphere Application Server 8.5.5              http://www-01.ibm.com/support/docview.wss?uid=swg21980645
IBM Contact Optimization : 9.1.1 - 10.0                                                             http://www-01.ibm.com/support/docview.wss?uid=swg21990056
IBM Distributed Marketing : 9.1.1 - 10.0                                                            http://www-01.ibm.com/support/docview.wss?uid=swg21990060
IBM Marketing Operations : 9.1.1 - 10.0
IBM Opportunity Detect : 9.1.1 - 10.0
IBM Interact : 9.1.1 - 10.0
IBM Leads : 9.1.1
IBM Campaign : 9.1.0                            IBM WebSphere Application Server 8.5.0.2            http://www-01.ibm.com/support/docview.wss?uid=swg21980645
IBM Contact Optimization : 9.1.0                                                                    http://www-01.ibm.com/support/docview.wss?uid=swg21990056
IBM Distributed Marketing : 9.1.0                                                                   http://www-01.ibm.com/support/docview.wss?uid=swg21990060
IBM Marketing Operations : 9.1.0
IBM Interact : 9.1.0
IBM Leads : 9.1.0
IBM Campaign : 8.6 - 9.0                        IBM WebSphere Application Server - Express 8.0      http://www-01.ibm.com/support/docview.wss?uid=swg21980645
IBM Contact Optimization : 8.6 - 9.0                                                                http://www-01.ibm.com/support/docview.wss?uid=swg21990056
IBM Distributed Marketing : 8.6 - 9.0                                                               http://www-01.ibm.com/support/docview.wss?uid=swg21990060
IBM Marketing Operations : 8.6 - 9.0
IBM Predictive Insight : 8.6 - 9.0
IBM Interact : 8.6 - 9.0
IBM Leads : 8.6 - 9.0
IBM Opportunity Detect : 9.1                    IBM WebSphere Application Server - Liberty 8.5.0.2  http://www-01.ibm.com/support/docview.wss?uid=swg21980645
IBM Interact Advanced Patterns : 9.1.1 - 10.0                                                       http://www-01.ibm.com/support/docview.wss?uid=swg21990056
                                                                                                    http://www-01.ibm.com/support/docview.wss?uid=swg21990060
Get Notified about Future Security Bulletins

Subscribe to

My Notifications

to be notified of important product support alerts like this.

References

Complete CVSS v3 Guide

On-line Calculator v3

Related information

IBM Secure Engineering Web Portal

IBM Product Security Incident Response Blog

Change History

04 Oct 2016 : Original Version Published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- ---

Security Bulletin: Vulnerabilities exist in Watson Explorer Analytical
Components, Watson Content Analytics, and OmniFind Enterprise Edition
(CVE-2016-0359, CVE-2016-3092, CVE-2016-3485)

Security Bulletin

Document information

More support for:

Watson Explorer

Software version:

10.0.0, 10.0.0.1, 10.0.0.2, 10.0.0.3, 11.0.0, 11.0.0.1, 11.0.0.2, 11.0.0.3

Operating system(s):

AIX, Linux, Windows

Software edition:

Advanced

Reference #:

1990062

Modified date:

2016-10-05

Summary

Security vulnerabilities have been identified in IBM Watson Explorer
Analytical Components, IBM Watson Content Analytics, and OmniFind Enterprise
Edition. Not all vulnerabilities affect all products and versions.

Vulnerability Details

CVEID:

CVE-2016-0359

DESCRIPTION:

IBM WebSphere Application Server is vulnerable to HTTP response splitting
attacks. A remote attacker could exploit this vulnerability using a
specially-crafted URL to cause the server to return a split response once the
URL is clicked. This would allow the attacker to perform further attacks, such
as Web cache poisoning and cross-site scripting, and possibly to obtain
sensitive information.

CVSS Base Score: 6.1

CVSS Temporal Score: See

https://exchange.xforce.ibmcloud.com/vulnerabilities/111929

for the current score

CVSS Environmental Score*: Undefined

CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
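As an added illustration of the response-splitting mechanism described above (this is not code from IBM or from the affected products), the following Python shows a header builder that copies a decoded request value straight into a header line, the hardened form that refuses CR/LF, and a check that flags such request targets in access-log lines. The redirect targets, header name and log lines are constructed sample values.

```python
import re
from urllib.parse import unquote

# Constructed sample inputs: an ordinary redirect target and one carrying an
# URL-encoded CR/LF pair, which is what a response-splitting attempt relies on.
SAFE_TARGET = "/account/home?lang=en"
SPLIT_TARGET = "/account/home%0d%0aX-Injected:%201"

# Constructed access-log lines (not from any real system) to run the check over.
SAMPLE_LOG = [
    '10.0.0.5 - - [05/Oct/2016:10:01:02 +1000] "GET /login?next=/account/home HTTP/1.1" 302 0',
    '10.0.0.9 - - [05/Oct/2016:10:01:07 +1000] "GET /login?next=/x%0d%0aX-Injected:%201 HTTP/1.1" 302 0',
]

CRLF = re.compile(r"[\r\n]")


def contains_header_injection(value: str) -> bool:
    """True if the decoded value holds CR or LF, i.e. it could end its header
    line and have the remainder parsed as extra headers or a second response."""
    return bool(CRLF.search(unquote(value)))


def build_location_header_weak(target: str) -> str:
    """The weak pattern: a decoded request value is copied into a header line."""
    return "Location: " + unquote(target) + "\r\n"


def build_location_header_safe(target: str) -> str:
    """Hardened form: refuse any value that would break out of its header line."""
    if contains_header_injection(target):
        raise ValueError("refusing header value containing CR/LF")
    return "Location: " + unquote(target) + "\r\n"


def count_header_lines(raw_headers: str) -> int:
    """Number of header lines a receiver would parse from the emitted bytes;
    a single Location header must yield exactly one, anything more is a split."""
    return len([line for line in raw_headers.split("\r\n") if line])


def flag_crlf_requests(log_lines):
    """Return the request targets from access-log lines whose target contains
    an encoded or literal CR/LF, so a defender can review them."""
    flagged = []
    for line in log_lines:
        match = re.search(r'"(?:GET|POST) (\S+) HTTP', line)
        if match and contains_header_injection(match.group(1)):
            flagged.append(match.group(1))
    return flagged
```

The same CR/LF rule applies to any response header built from request data (cookies, redirects, content-disposition), not only Location.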

CVEID:

CVE-2016-3092

DESCRIPTION:

Apache Tomcat is vulnerable to a denial of service, caused by an error in the
Apache Commons FileUpload component. By sending file upload requests, an
attacker could exploit this vulnerability to cause the server to become
unresponsive.

CVSS Base Score: 5.3

CVSS Temporal Score: See

https://exchange.xforce.ibmcloud.com/vulnerabilities/114336

for the current score

CVSS Environmental Score*: Undefined

CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:

CVE-2016-3485

DESCRIPTION:

An unspecified vulnerability in Oracle Java SE and Java SE Embedded related
to the Networking component has no confidentiality impact, low integrity
impact, and no availability impact.

CVSS Base Score: 2.9

CVSS Temporal Score: See

https://exchange.xforce.ibmcloud.com/vulnerabilities/115273

for the current score

CVSS Environmental Score*: Undefined

CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

Affected Products and Versions

To see which vulnerabilities apply to your product and version, see the
applicable row in the following table.

Affected Product                                       Affected Versions    Applicable Vulnerabilities
Watson Content Analytics                               3.5.0.0 - 3.5.0.3    CVE-2016-3092
                                                                            CVE-2016-0359
                                                                            CVE-2016-3485
Watson Content Analytics                               3.0.0.0 - 3.0.0.6    CVE-2016-3092
Watson Explorer Analytical Components                  11.0.0.0 - 11.0.0.3  CVE-2016-3092
                                                                            CVE-2016-0359
                                                                            CVE-2016-3485
Watson Explorer Analytical Components                  10.0.0.0 - 10.0.0.2  CVE-2016-3092
                                                                            CVE-2016-0359
                                                                            CVE-2016-3485
IBM Watson Explorer Annotation Administration Console  11.0.0.0 - 11.0.0.3  CVE-2016-3092
                                                                            CVE-2016-0359
                                                                            CVE-2016-3485
IBM Watson Explorer Annotation Administration Console  10.0.0.0 - 10.0.0.2  CVE-2016-3092
                                                                            CVE-2016-0359
                                                                            CVE-2016-3485
IBM OmniFind Enterprise Edition                        9.1.0.0 - 9.1.0.5    CVE-2016-3092
IBM Content Analytics                                  2.2.0.0 - 2.2.0.3    CVE-2016-3092

Remediation/Fixes

For information about fixes, see the applicable row in the following table.
The table reflects product names at the time the specified versions were
released. To use the links to Fix Central in this table, you must first log
in to the IBM Support: Fix Central site at http://www.ibm.com/support/fixcentral/

Affected Product                                       Affected Versions    Fix
Watson Content Analytics                               3.5.0.0 - 3.5.0.3    Upgrade to Watson Content Analytics Version 3.5.0.4. For information about this version, and links to the software and release notes, see the download document. For information about upgrading, see the upgrade procedures.
Watson Content Analytics                               3.0.0.0 - 3.0.0.6    Contact IBM Support.
Watson Explorer Analytical Components versions         11.0.0.0 - 11.0.0.3  Contact IBM Support.
Watson Explorer Analytical Components versions         10.0.0.0 - 10.0.0.2  Contact IBM Support.
IBM Watson Explorer Annotation Administration Console  11.0.0.0 - 11.0.0.3  Contact IBM Support.
IBM Watson Explorer Annotation Administration Console  10.0 - 10.0.0.2      Contact IBM Support.
IBM OmniFind Enterprise Edition                        9.1 - 9.1.0.5        Contact IBM Support.
IBM Content Analytics                                  2.2 - 2.2.0.3        Contact IBM Support.

Workarounds and Mitigations

None.

Get Notified about Future Security Bulletins

Subscribe to

My Notifications

to be notified of important product support alerts like this.

References

Complete CVSS v3 Guide

On-line Calculator v3

Related information

IBM Secure Engineering Web Portal

IBM Product Security Incident Response Blog

Change History

5 October 2016: Original version published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----