-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.3913
     Multiple Security Vulnerabilities Affect IBM Sterling B2B Integrator
                              18 December 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Sterling B2B Integrator
Publisher:         IBM
Operating System:  AIX
                   HP-UX
                   IBM i
                   Linux variants
                   Solaris
                   Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Create Arbitrary Files          -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Cross-site Scripting            -- Remote with User Interaction
                   Provide Misleading Information  -- Remote with User Interaction
                   Access Confidential Data        -- Remote/Unauthenticated
                   Unauthorised Access             -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-12538 CVE-2018-12536 CVE-2018-5429 CVE-2017-7658
                   CVE-2017-7657 CVE-2017-7656 CVE-2016-2171 CVE-2016-0712
                   CVE-2016-0711 CVE-2016-0710 CVE-2016-0709 CVE-2015-5254
                   CVE-2014-3600 CVE-2014-3596 CVE-2014-3576 CVE-2012-5784
                   CVE-2011-5034 CVE-2011-4905 CVE-2008-0732 CVE-2007-5797
                   CVE-2007-4548 CVE-2006-0254
Reference:         ASB-2017.0169
                   ASB-2017.0104.2
                   ASB-2017.0043
                   ASB-2015.0103
                   ESB-2018.2721
                   ESB-2018.2426
                   ESB-2018.1888
                   ESB-2016.0442

Original Bulletin:
   http://www.ibm.com/support/docview.wss?uid=ibm10728833
   http://www.ibm.com/support/docview.wss?uid=ibm10728839
   http://www.ibm.com/support/docview.wss?uid=ibm10728841
   http://www.ibm.com/support/docview.wss?uid=ibm10728893
   http://www.ibm.com/support/docview.wss?uid=ibm10728823
   http://www.ibm.com/support/docview.wss?uid=ibm10728825

Comment: This bulletin contains six (6) IBM security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: Multiple Security Vulnerabilities in ActiveMQ Affect IBM
Sterling B2B Integrator

Security Bulletin

Document information

More support for: Sterling B2B Integrator
Software version: 5.2.0.1 - 5.2.6.3
Operating system(s): AIX, HP-UX, IBM i, Linux, Solaris, Windows
Reference #: 0728833
Modified date: 17 December 2018

Summary

There are multiple security vulnerabilities in ActiveMQ that affect IBM
Sterling B2B Integrator.

Vulnerability Details

CVEID: CVE-2011-4905
DESCRIPTION: Apache ActiveMQ is vulnerable to a denial of service, caused by
an error in the failover mechanism when handling an openwire connection
request. By sending a specially-crafted request, a remote attacker could
exploit this vulnerability to cause the broker service to crash.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/71620 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2012-5784
DESCRIPTION: Apache Axis 1.4, as used in multiple products, could allow a
remote attacker to conduct spoofing attacks, caused by the failure to verify
that the server hostname matches a domain name in the subject's Common Name
(CN) field of the X.509 certificate. An attacker could exploit this
vulnerability using man-in-the-middle techniques to spoof an SSL server and
launch further attacks against a vulnerable target.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/79829 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID: CVE-2014-3576
DESCRIPTION: Apache ActiveMQ is vulnerable to a denial of service, caused by
an error in the processControlCommand function in
broker/TransportConnection.java. A remote attacker could use the shutdown
command to shut down the service.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107290 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2014-3600
DESCRIPTION: Apache ActiveMQ could allow a remote attacker to obtain sensitive
information, caused by an XML External Entity Injection (XXE) error when
processing XML data. By sending specially-crafted XML data to specify an
XPath based selector, an attacker could exploit this vulnerability to obtain
sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/100722 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2015-5254
DESCRIPTION: Apache ActiveMQ could allow a remote attacker to execute
arbitrary code on the system, caused by the failure to restrict the classes
that can be serialized in the broker. An attacker could exploit this
vulnerability using a specially crafted serialized Java Message Service (JMS)
ObjectMessage object to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/109632 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Affected Products and Versions

IBM Sterling B2B Integrator 5.2.0.1 - 5.2.6.3

Remediation/Fixes

+----------------------------+------------------------------------------------+
|PRODUCT & Version           |Remediation/Fix                                 |
+----------------------------+------------------------------------------------+
|IBM Sterling B2B Integrator |Apply IBM Sterling B2B Integrator version       |
|5.2.0.1 - 5.2.6.3           |6.0.0.0 or 5.2.6.4 available on Fix Central     |
+----------------------------+------------------------------------------------+

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

Subscribe to My Notifications to be notified of important product support
alerts like this.

Reference

Complete CVSS v2 Guide
On-line Calculator v2
Complete CVSS v3 Guide
On-line Calculator v3

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

24 August 2018: Original version published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
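Added example (not part of the IBM bulletin or the AusCERT text): CVE-2015-5254
above comes down to a broker deserializing whatever class a message names. The
fix class is an allow-list of reconstructable types. The Python block below is
a stand-alone analogue of that control using pickle's find_class hook; the
Order type, the allow-list and the two sample payloads are constructed for the
demonstration and are not ActiveMQ or Sterling B2B Integrator code.

```python
"""Allow-list deserialization: a Python analogue of restricting the classes a
broker will reconstruct (the ActiveMQ fix for CVE-2015-5254).

Added example, not IBM or Apache code. The Order class, the allow-list and the
sample payloads are constructed for this demonstration."""
import io
import pickle
from dataclasses import dataclass
from datetime import date


@dataclass
class Order:
    """Constructed message type a consumer legitimately expects."""
    order_id: int
    sku: str
    quantity: int


# (module, qualified name) -> class. The unpickler resolves names only through
# this table, so it never touches the import system and never constructs a
# type the consumer did not list, however harmless that type looks.
ALLOWED_CLASSES = {
    (Order.__module__, Order.__qualname__): Order,
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves only allow-listed classes."""

    def find_class(self, module, name):
        try:
            return ALLOWED_CLASSES[(module, name)]
        except KeyError:
            raise pickle.UnpicklingError(
                f"refusing to deserialize {module}.{name}: not on the allow-list"
            ) from None


def restricted_loads(data: bytes):
    """Deserialize data, permitting only allow-listed classes."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def try_load(data: bytes):
    """Return ('ok', obj) or ('rejected', reason) for a payload."""
    try:
        return "ok", restricted_loads(data)
    except pickle.UnpicklingError as exc:
        return "rejected", str(exc)


# Constructed sample payloads: one of the expected type, one referencing a
# benign standard-library class that is nevertheless not on the allow-list.
GOOD_PAYLOAD = pickle.dumps(Order(order_id=42, sku="B2B-0001", quantity=3))
UNEXPECTED_PAYLOAD = pickle.dumps(date(2018, 12, 18))

if __name__ == "__main__":
    for label, payload in (("expected", GOOD_PAYLOAD),
                           ("unexpected", UNEXPECTED_PAYLOAD)):
        print(label, try_load(payload))
```

The point of the table lookup rather than a module import is that rejection
happens before any code of the unknown class can run; a deny-list of known
gadget classes would not give that property.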
- ------------------------------------------------------------------------------

Security Bulletin: Multiple Security Vulnerabilities in Apache Axis Affect IBM
Sterling B2B Integrator (CVE-2014-3596, CVE-2012-5784)

Security Bulletin

Document information

More support for: Sterling B2B Integrator
Software version: 5.2.0.1 - 5.2.6.3
Operating system(s): AIX, HP-UX, IBM i, Linux, Solaris, Windows
Reference #: 0728839
Modified date: 17 December 2018

Summary

IBM Sterling B2B Integrator uses ActiveMQ. ActiveMQ uses Axis and is
vulnerable.

Vulnerability Details

CVEID: CVE-2012-5784
DESCRIPTION: Apache Axis 1.4, as used in multiple products, could allow a
remote attacker to conduct spoofing attacks, caused by the failure to verify
that the server hostname matches a domain name in the subject's Common Name
(CN) field of the X.509 certificate. An attacker could exploit this
vulnerability using man-in-the-middle techniques to spoof an SSL server and
launch further attacks against a vulnerable target.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/79829 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID: CVE-2014-3596
DESCRIPTION: Apache Axis and Axis2 could allow a remote attacker to conduct
spoofing attacks, caused by an incomplete fix related to the failure to verify
that the server hostname matches a domain name in the subject's Common Name
(CN) field of the X.509 certificate. By persuading a victim to visit a Web
site containing a specially-crafted certificate, an attacker could exploit
this vulnerability using man-in-the-middle techniques to spoof an SSL server.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/95377 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

Affected Products and Versions

IBM Sterling B2B Integrator 5.2.0.1 - 5.2.6.3

Remediation/Fixes

+----------------------------+------------------------------------------------+
|PRODUCT & Version           |Remediation/Fix                                 |
+----------------------------+------------------------------------------------+
|IBM Sterling B2B Integrator |Apply IBM Sterling B2B Integrator version       |
|5.2.0.1 - 5.2.6.3           |6.0.0.0 or 5.2.6.4 available on Fix Central     |
+----------------------------+------------------------------------------------+

Workarounds and Mitigations

None

Reference

Complete CVSS v2 Guide
On-line Calculator v2

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

24 August 2018: Original version published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
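Added example (not part of the IBM bulletin or the AusCERT text): both Axis
CVEs above are the same missing control, a TLS client that accepts a valid
certificate issued for some other host. The Python block below shows the check
as a stand-alone function over the certificate dict layout that
ssl.SSLSocket.getpeercert() returns (subjectAltName dNSName entries first, the
subject CN only as a fallback, wildcards confined to the leftmost label), plus
the stdlib client context in which the check is on by default. The two sample
certificates are constructed and the code is not Axis or Sterling B2B
Integrator code.

```python
"""Hostname verification for an X.509 peer certificate, the check Axis 1.4
omitted (CVE-2012-5784) and then fixed incompletely (CVE-2014-3596).

Added example, not IBM or Apache code. Certificates are represented in the
dict form returned by ssl.SSLSocket.getpeercert(); the sample certs below are
constructed for this demonstration."""
import ssl


def _name_match(pattern: str, hostname: str) -> bool:
    """Match one DNS name pattern (possibly '*.example.com') against hostname."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    # A wildcard must be the entire leftmost label, must be followed by at
    # least two more labels, and stands in for exactly one label of the host.
    if p_labels[0] != "*" or len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def hostname_matches(cert: dict, hostname: str) -> bool:
    """Return True if hostname is covered by the certificate's DNS names.

    subjectAltName dNSName entries take precedence; the subject CN is consulted
    only when no dNSName is present (the RFC 6125 rule)."""
    dns_names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not dns_names:
        dns_names = [v for rdn in cert.get("subject", ())
                     for k, v in rdn if k == "commonName"]
    return any(_name_match(name, hostname) for name in dns_names)


def client_context() -> ssl.SSLContext:
    """TLS client context with hostname checking enabled. This is the stdlib
    default; the weak configuration (check_hostname=False) is the one that
    reproduces the Axis behaviour described in the bulletin."""
    return ssl.create_default_context()


# Constructed sample certificates in getpeercert() dict layout.
CERT_SAN = {
    "subject": ((("commonName", "ignored.example.net"),),),
    "subjectAltName": (("DNS", "api.example.com"), ("DNS", "*.example.com")),
}
CERT_CN_ONLY = {"subject": ((("commonName", "partner.example.org"),),)}

if __name__ == "__main__":
    for cert, host in ((CERT_SAN, "api.example.com"),
                       (CERT_SAN, "b2b.example.com"),
                       (CERT_SAN, "ignored.example.net"),
                       (CERT_CN_ONLY, "partner.example.org")):
        print(f"{host:22} {hostname_matches(cert, host)}")
```

When SAN entries exist, the CN is deliberately ignored, which is why
"ignored.example.net" is refused for the first certificate; the 2014 incomplete
fix was exactly the kind of gap that partial matching rules leave open.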
- ------------------------------------------------------------------------------

Security Bulletin: Multiple Security Vulnerabilities in Apache Geronimo Affect
IBM Sterling B2B Integrator

Security Bulletin

Document information

More support for: Sterling B2B Integrator
Software version: 5.2.0.1 - 5.2.6.3
Operating system(s): AIX, HP-UX, IBM i, Linux, Solaris, Windows
Reference #: 0728841
Modified date: 17 December 2018

Summary

Multiple Security Vulnerabilities in Apache Geronimo Affect IBM Sterling B2B
Integrator

Vulnerability Details

CVEID: CVE-2008-0732
DESCRIPTION: Apache Geronimo could allow a local attacker to obtain sensitive
information, caused by the init script following symlinks during a chown
operation. A local attacker could exploit this vulnerability and gain
unauthorized access to files and directories to obtain sensitive information.
CVSS Base Score: 2.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/40562 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2011-5034
DESCRIPTION: Apache Geronimo is vulnerable to a denial of service, caused by
insufficient randomization of hash data structures. By sending multiple
specially-crafted HTTP POST requests to an affected application containing
conflicting hash key values, a remote attacker could exploit this
vulnerability to cause the consumption of CPU resources.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/72047 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2006-0254
DESCRIPTION: Apache Geronimo is vulnerable to cross-site scripting, caused by
improper validation of HTML tags by the Web-Access-Log Viewer. A remote
attacker could exploit this vulnerability using a specially-crafted HTTP
request to embed malicious script within the log file which, once the log
file is viewed, would be executed in the administrator's Web browser within
the security context of the hosting Web site, allowing the attacker to steal
the victim's cookie-based authentication credentials.
CVSS Base Score: 2.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/24159 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID: CVE-2007-5797
DESCRIPTION: Apache Geronimo could allow a remote attacker to bypass security
restrictions, caused by an error in the SQLLoginModule during the
authentication process. By logging into the database with a non-existent
username, a remote attacker could exploit this vulnerability to bypass
authentication and gain unauthorized access to the vulnerable system.
Note: The IBM WebSphere Application Server Community Edition is also affected
by this vulnerability.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/38211 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVEID: CVE-2007-4548
DESCRIPTION: Apache Geronimo could allow a remote attacker to bypass security
restrictions, caused by the login method in LoginModule implementations
failing to throw an exception for failed logins. A remote attacker could
exploit this vulnerability to bypass authentication and send a null username
and password in the command line deployer of the deployment module to gain
unauthorized access to the vulnerable system.
CVSS Base Score: 7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/36468 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Affected Products and Versions

5.2.0.1 - 5.2.6.3

Remediation/Fixes

+----------------------------+------------------------------------------------+
|PRODUCT & Version           |Remediation/Fix                                 |
+----------------------------+------------------------------------------------+
|IBM Sterling B2B Integrator |Apply IBM Sterling B2B Integrator version       |
|5.2.0.1 - 5.2.6.3           |6.0.0.0 or 5.2.6.4 available on Fix Central     |
+----------------------------+------------------------------------------------+

Workarounds and Mitigations

None

Reference

Complete CVSS v2 Guide
On-line Calculator v2

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

24 August 2018: Original version published
10 September 2018: First Revision - Added versions in Affected products
section

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
- ------------------------------------------------------------------------------

Security Bulletin: Multiple Security Vulnerabilities in Jetspeed Affect IBM
Sterling B2B Integrator

Security Bulletin

Document information

More support for: Sterling B2B Integrator
Software version: 5.2.0.1 - 5.2.6.3
Operating system(s): AIX, HP-UX, IBM i, Linux, Solaris, Windows
Reference #: 0728893
Modified date: 17 December 2018

Summary

There are multiple security vulnerabilities in Jetspeed that affect IBM
Sterling B2B Integrator.

Vulnerability Details

CVEID: CVE-2016-0711
DESCRIPTION: Apache Jetspeed is vulnerable to cross-site scripting, caused by
improper validation of user-supplied input by the add a link, page, or folder
functionality. A remote attacker could exploit this vulnerability to inject
malicious script into a Web page which would be executed in a victim's Web
browser within the security context of the hosting Web site, once the page is
viewed. An attacker could use this vulnerability to steal the victim's
cookie-based authentication credentials.
CVSS Base Score: 6.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111887 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID: CVE-2016-0712
DESCRIPTION: Apache Jetspeed is vulnerable to cross-site scripting, caused by
improper validation of user-supplied input by the URI path directory. A remote
attacker could exploit this vulnerability using a specially-crafted URL to
execute script in a victim's Web browser within the security context of the
hosting Web site, once the URL is clicked. An attacker could use this
vulnerability to steal the victim's cookie-based authentication credentials.
CVSS Base Score: 6.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111888 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID: CVE-2016-2171
DESCRIPTION: Apache Jetspeed could allow a remote attacker to bypass security
restrictions, caused by the failure to restrict access to the User Manager
REST service. An attacker could exploit this vulnerability to gain
unauthorized access to the application.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111889 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID: CVE-2016-0710
DESCRIPTION: Apache Jetspeed is vulnerable to SQL injection. A remote attacker
could send specially-crafted SQL statements to the User Manager service using
the user or role parameter, which could allow the attacker to view, add,
modify or delete information in the back-end database.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111886 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVEID: CVE-2016-0709
DESCRIPTION: Apache Jetspeed could allow a remote attacker to traverse
directories on the system. An attacker could send a specially-crafted URL
request to the Import/Export function in the Portal Site Manager containing
"dot dot" sequences (/../) in a ZIP archive to upload a .jsp file, write it
to disk and execute arbitrary code on the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111885 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

IBM Sterling B2B Integrator 5.2.0.1 - 5.2.6.3

Remediation/Fixes

+----------------------------+------------------------------------------------+
|PRODUCT & Version           |Remediation/Fix                                 |
+----------------------------+------------------------------------------------+
|IBM Sterling B2B Integrator |Apply IBM Sterling B2B Integrator version       |
|5.2.0.1 - 5.2.6.3           |6.0.0.0 or 5.2.6.4 available on Fix Central     |
+----------------------------+------------------------------------------------+

Workarounds and Mitigations

None

Reference

Complete CVSS v3 Guide
On-line Calculator v3

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

24 August 2018: Original version published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
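Added example (not part of the IBM bulletin or the AusCERT text): CVE-2016-0709
above is an archive-import routine trusting entry names that contain "..". The
Python block below is the defensive side of that: every entry name is
normalised against the intended import directory before anything is written,
and the whole archive is refused if a single entry would land outside it. The
archive is built in memory from constructed entry names, the directory
/opt/portal/import is an assumed placeholder, nothing touches the disk, and
the code is not Jetspeed or Sterling B2B Integrator code.

```python
"""Validate ZIP entry names before extraction so no entry can land outside the
import directory, the defect class behind the Jetspeed Import/Export
traversal (CVE-2016-0709).

Added example, not IBM or Apache code. The archive is built in memory from
constructed entry names and the validation never writes to disk."""
import io
import posixpath
import zipfile


def unsafe_entries(archive: zipfile.ZipFile, dest: str) -> list:
    """Return the names of entries that must not be extracted under dest.

    An entry is rejected if it is absolute, carries a drive letter, or
    normalises (after resolving '.' and '..') to a path outside dest.
    Python's zipfile strips some of these itself at extract time; checking
    the raw names here keeps the decision explicit and archive-wide."""
    root = posixpath.normpath(dest)
    bad = []
    for info in archive.infolist():
        name = info.filename.replace("\\", "/")
        if posixpath.isabs(name) or (len(name) > 1 and name[1] == ":"):
            bad.append(info.filename)
            continue
        target = posixpath.normpath(posixpath.join(root, name))
        if target != root and not target.startswith(root + "/"):
            bad.append(info.filename)
    return bad


def validate_archive(data: bytes, dest: str = "/opt/portal/import") -> list:
    """Open an archive held in memory and list the entries that would escape
    dest (assumed placeholder directory). Empty list means all entries are
    safe to extract."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return unsafe_entries(zf, dest)


def safe_extract(data: bytes, dest: str) -> None:
    """All-or-nothing extraction: refuse the whole archive if any entry is
    unsafe, so a crafted name cannot ride in beside valid ones."""
    bad = validate_archive(data, dest)
    if bad:
        raise ValueError(f"refusing archive with unsafe entries: {bad}")
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        zf.extractall(dest)


def build_sample_archive() -> bytes:
    """Constructed archive: two well-formed entries (one of them using '..'
    but staying inside the tree) and two that try to escape."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("site/pages/default-page.psml", "<page/>")
        zf.writestr("site/../site/folder.metadata", "<folder/>")
        zf.writestr("../../webapps/ROOT/injected.jsp", "constructed placeholder")
        zf.writestr("C:/Windows/Temp/injected.txt", "constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    print(validate_archive(build_sample_archive()))
```

The "site/../site/folder.metadata" entry is kept on purpose: rejecting on the
mere presence of ".." would be simpler, but the normalise-then-compare check is
the one that also catches names that escape without that literal substring.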
- ------------------------------------------------------------------------------

Security Bulletin: Multiple Security Vulnerabilities in Jetty Affect IBM
Sterling B2B Integrator

Security Bulletin

Document information

More support for: Sterling B2B Integrator
Software version: 5.2.0.1 - 5.2.6.3
Operating system(s): AIX, HP-UX, IBM i, Linux, Solaris, Windows
Reference #: 0728823
Modified date: 17 December 2018

Summary

There are multiple security vulnerabilities in Jetty that affect IBM Sterling
B2B Integrator.

Vulnerability Details

CVEID: CVE-2017-7658
DESCRIPTION: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by
a flaw when handling more than one Content-Length header. By sending a
specially-crafted request, an attacker could exploit this vulnerability to
poison the web cache, bypass web application firewall protection, and conduct
XSS attacks.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/145522 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVEID: CVE-2018-12536
DESCRIPTION: Eclipse Jetty could allow a remote attacker to obtain sensitive
information. An attacker could send a specially-crafted URL request to the
java.nio.file.InvalidPathException function using an invalid parameter to
cause an error message to be returned containing the full installation path.
An attacker could use this information to launch further attacks against the
affected system.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/145523 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-7656
DESCRIPTION: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by
a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an
attacker could exploit this vulnerability to poison the web cache, bypass web
application firewall protection, and conduct XSS attacks.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/145520 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVEID: CVE-2017-7657
DESCRIPTION: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by
improper handling of Chunked Transfer-Encoding chunk size. By sending a
specially-crafted request, an attacker could exploit this vulnerability to
poison the web cache, bypass web application firewall protection, and conduct
XSS attacks.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/145521 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVEID: CVE-2018-12538
DESCRIPTION: Eclipse Jetty could allow a remote attacker to hijack a user's
session, caused by a flaw in the FileSessionDataStore. An attacker could
exploit this vulnerability to gain access to another user's session.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/145321 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

IBM Sterling B2B Integrator 5.2.0.1 - 5.2.6.3

Remediation/Fixes

+----------------------------+------------------------------------------------+
|PRODUCT & Version           |Remediation/Fix                                 |
+----------------------------+------------------------------------------------+
|IBM Sterling B2B Integrator |Apply IBM Sterling B2B Integrator version       |
|5.2.0.1 - 5.2.6.3           |6.0.0.0 or 5.2.6.4 available on Fix Central     |
+----------------------------+------------------------------------------------+

Workarounds and Mitigations

None

Reference

Complete CVSS v3 Guide
On-line Calculator v3

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

24 August 2018: Original version published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
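Added example (not part of the IBM bulletin or the AusCERT text): the three
request smuggling CVEs above share one root cause, a parser that resolves
ambiguous message framing leniently where the component in front of it
resolves it differently. The Python block below is a stand-alone strict framing
check of the kind that removes the ambiguity: duplicate Content-Length headers
must agree, Content-Length and Transfer-Encoding may not coexist, obsolete
header folding is refused, and chunk-size lines must be plain hex. The sample
requests are constructed and the code is not Jetty or Sterling B2B Integrator
code.

```python
"""Strict HTTP/1.1 request-framing checks of the kind that close the request
smuggling vectors in the Jetty bulletin: more than one Content-Length header
(CVE-2017-7658), lenient HTTP/1.x header parsing (CVE-2017-7656) and loose
chunk-size handling (CVE-2017-7657).

Added example, not IBM or Eclipse code; the sample requests are constructed."""
import re

_TOKEN = re.compile(r"^[!#$%&'*+.^_`|~0-9A-Za-z-]+$")
_CHUNK_SIZE = re.compile(r"^[0-9A-Fa-f]{1,8}(;[^\r\n]*)?$")


def split_request(raw: bytes):
    """Split raw into (request_line, [(name, value)], body) with strict header
    syntax: no obsolete line folding, token names only, a colon on every
    line. Raises ValueError on anything two parsers might read differently."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("missing end of headers")
    lines = head.split(b"\r\n")
    headers = []
    for line in lines[1:]:
        if line[:1] in (b" ", b"\t"):
            raise ValueError("obsolete line folding not accepted")
        name, colon, value = line.partition(b":")
        if not colon or not _TOKEN.match(name.decode("latin-1")):
            raise ValueError(f"malformed header line {line!r}")
        headers.append((name.decode("ascii").lower(),
                        value.strip(b" \t").decode("latin-1")))
    return lines[0].decode("ascii"), headers, body


def body_framing(headers):
    """Return 'chunked' or an int Content-Length, rejecting every combination
    RFC 7230 section 3.3.3 flags as a smuggling risk."""
    cls = [v for k, v in headers if k == "content-length"]
    tes = [v for k, v in headers if k == "transfer-encoding"]
    if cls and tes:
        raise ValueError("Content-Length and Transfer-Encoding both present")
    if tes:
        codings = [c.strip().lower() for v in tes for c in v.split(",")]
        if codings != ["chunked"]:
            raise ValueError(f"unsupported Transfer-Encoding {tes!r}")
        return "chunked"
    if not cls:
        return 0
    # Repeated Content-Length headers pass only when every value is identical
    # and a plain decimal; anything else is ambiguous framing.
    if len(set(cls)) != 1 or not re.fullmatch(r"[0-9]+", cls[0]):
        raise ValueError(f"conflicting or invalid Content-Length {cls!r}")
    return int(cls[0])


def decode_chunked(body: bytes) -> bytes:
    """Decode a chunked body, accepting only strictly formed chunk-size lines
    (hex digits, optional ';extension', no sign, whitespace or 0x prefix)."""
    out, pos = bytearray(), 0
    while True:
        end = body.find(b"\r\n", pos)
        if end < 0:
            raise ValueError("truncated chunk-size line")
        size_line = body[pos:end].decode("latin-1")
        if not _CHUNK_SIZE.match(size_line):
            raise ValueError(f"bad chunk size {size_line!r}")
        size = int(size_line.split(";", 1)[0], 16)
        pos = end + 2
        if size == 0:
            return bytes(out)  # trailer section ignored in this example
        if body[pos + size:pos + size + 2] != b"\r\n":
            raise ValueError("chunk data not followed by CRLF")
        out += body[pos:pos + size]
        pos += size + 2


def check_request(raw: bytes):
    """Return ('ok', body) for an unambiguously framed request or
    ('rejected', reason) for one that should be refused outright."""
    try:
        _, headers, body = split_request(raw)
        framing = body_framing(headers)
        if framing == "chunked":
            return "ok", decode_chunked(body)
        if len(body) != framing:
            raise ValueError("body length does not match Content-Length")
        return "ok", body
    except ValueError as exc:  # UnicodeDecodeError is a ValueError too
        return "rejected", str(exc)


# Constructed sample requests.
SAMPLES = {
    "plain": b"POST /ws HTTP/1.1\r\nHost: b2b.example\r\nContent-Length: 5\r\n\r\nhello",
    "dup_cl": b"POST /ws HTTP/1.1\r\nHost: b2b.example\r\nContent-Length: 5\r\nContent-Length: 11\r\n\r\nhello world",
    "cl_te": b"POST /ws HTTP/1.1\r\nHost: b2b.example\r\nContent-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n",
    "chunked": b"POST /ws HTTP/1.1\r\nHost: b2b.example\r\nTransfer-Encoding: chunked\r\n\r\n5\r\nhello\r\n0\r\n\r\n",
    "bad_chunk": b"POST /ws HTTP/1.1\r\nHost: b2b.example\r\nTransfer-Encoding: chunked\r\n\r\n +5\r\nhello\r\n0\r\n\r\n",
    "folded": b"GET / HTTP/1.1\r\nHost: b2b.example\r\n X-Folded: yes\r\n\r\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(f"{label:10} {check_request(raw)}")
```

Refusing the request outright, rather than picking one of the candidate
framings, is the property that matters: a front-end proxy and the application
server can only be desynchronised if at least one of them accepts the
ambiguous message.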
- ------------------------------------------------------------------------------

Security Bulletin: Security Vulnerability in TIBCO Jasper Reports Affects IBM
Sterling B2B Integrator (CVE-2018-5429)

Security Bulletin

Document information

More support for: Sterling B2B Integrator
Software version: 5.2.0.1 - 5.2.6.3
Operating system(s): AIX, HP-UX, IBM i, Linux, Solaris, Windows
Reference #: 0728825
Modified date: 17 December 2018

Summary

Security vulnerability in TIBCO Jasper Reports Affects IBM Sterling B2B
Integrator

Vulnerability Details

CVEID: CVE-2018-5429
DESCRIPTION: Multiple TIBCO JasperReports products could allow a remote
authenticated attacker to execute arbitrary code on the system, caused by a
flaw in the report scripting component. By sending a specially-crafted
request, an attacker could exploit this vulnerability to execute arbitrary
code with the privileges of the operating system process.
CVSS Base Score: 8.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/142094 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

IBM Sterling B2B Integrator 5.2.0.1 - 5.2.6.3

Remediation/Fixes

+----------------------------+------------------------------------------------+
|PRODUCT & Version           |Remediation/Fix                                 |
+----------------------------+------------------------------------------------+
|IBM Sterling B2B Integrator |Apply IBM Sterling B2B Integrator version       |
|5.2.0.1 - 5.2.6.3           |6.0.0.0 or 5.2.6.4 available on Fix Central     |
+----------------------------+------------------------------------------------+

Workarounds and Mitigations

None

Reference

Complete CVSS v3 Guide
On-line Calculator v3

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

24 August 2018: Original version published

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures.
AusCERT takes no responsibility for consequences which may arise from following
or acting on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXBh082aOgq3Tt24GAQjPBw/+JElX+gx5k6expZubfsy/TLOGzEWuDH58
1c/28ZPOfruDqqygeYmCnCFSv04A+kwyrHKqD9ts17nWbszyyuM1aLq+ylN/JMXJ
HdyFvPZub/sTWPt3G0XrFRLyKGfn5JVGE8P/9/fyQ5gkzl2qYGZ1pJUu9UyoaoPN
kJ4zS6+1b47L3QkDrLEtvrViKJRlFNzEWpXfGbRH8GKkuqSWyo7YqDRQpDcAiYm+
/kt7DxwuiwUOlUWRMcF/dG2f3gg4TYnlgdGgzBhG/UaoowJtXc591yzypCV749mX
TIeyQiDQLpiHBAMWfea3SvcZQHgJTtpdd21pZ4Wnmris/QkCg4+zH0sfkdVd2oNN
pgOzheKCRS8nsdUN2rvbbOX3lPv09fz0WPricQvxVZQl7/waQvVB5edB2zbT+IAe
Fing5ZGISvN92uFtcNSGC1GQTo6LUguUvZ0dy7yFgLB5toRnNfv7U6Csz07qZyxZ
0LD7HRrWSKyF0QT1ZOayRZNkAw8T7Oz/9QkUYzdMFOIdoHU2ugHIfuB7NkrKUq1+
SMzDR7HHspr5S4OPgKBkJQHD5fhnXS1kFh7IZ1jTdKQmkBLyDSKnOftnIIzd5NW/
9ZzBVt6Kslg47vLPf8m3x8g0yFkuLmYTzMSlknGwswIfGNZiQ5DTAdp9b4OHSzKA
2t/pBv1P1oc=
=Oeui
-----END PGP SIGNATURE-----