===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.1886
 A security vulnerability has been identified in OpenSSL, which is shipped
        with IBM Tivoli Network Manager IP Edition (CVE-2019-1559)
                                27 May 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Tivoli Network Manager IP Edition
Publisher:         IBM
Operating System:  AIX
                   Linux variants
                   Solaris
                   Windows
                   z/OS
Impact/Access:     Access Confidential Data -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-1559  

Reference:         ASB-2019.0147
                   ASB-2019.0128
                   ASB-2019.0120
                   ASB-2019.0088

Original Bulletin: 
   http://www.ibm.com/support/docview.wss?uid=ibm10883428

--------------------------BEGIN INCLUDED TEXT--------------------

A security vulnerability has been identified in OpenSSL, which is shipped with
IBM Tivoli Network Manager IP Edition (CVE-2019-1559)

Product:             Tivoli Network Manager IP Edition
Software version:    3.9
Operating system(s): AIX, Linux, Solaris, Windows, z/OS
Reference #:         0883428

Security Bulletin

Summary

OpenSSL is shipped with IBM Tivoli Network Manager IP Edition version 3.9.
Information about a security vulnerability affecting OpenSSL has been
published here.

Vulnerability Details

CVE-ID: CVE-2019-1559
Description: OpenSSL could allow a remote attacker to obtain sensitive
information, caused by the failure to immediately close the TCP connection
after the hosts encounter a zero-length record with valid padding. An attacker
could exploit this vulnerability using a 0-byte record padding-oracle attack to
decrypt traffic.
CVSS Base Score: 5.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/157514 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)

Affected Products and Versions

IBM Tivoli Network Manager IP Edition v3.9 Fix Pack 4 & Fix Pack 5.

Remediation/Fixes

+-------------------+--------------------+--------------------------------------------------------------+
|IBM Tivoli Network |APAR IJ15786        |Please call IBM service and reference APAR IJ15786 to obtain  |
|Manager IP Edition |                    |a fix.                                                        |
|3.9 FP4 and FP5    |                    |                                                              |
+-------------------+--------------------+--------------------------------------------------------------+

Workarounds and Mitigations

Only customers on ITNM v3.9 FP4 or FP5 who have Java SSL Collectors enabled may
be affected. These collectors are not enabled by default.

Change History

9 May 2019 - Initial version published.

--------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================