Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2019.3165
IBM Security Privileged Identity Manager is affected by
multiple vulnerabilities
19 August 2019
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: IBM Security Privileged Identity Manager
Publisher: IBM
Operating System: Linux variants
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Access Privileged Data -- Remote/Unauthenticated
Increased Privileges -- Existing Account
Overwrite Arbitrary Files -- Existing Account
Denial of Service -- Remote/Unauthenticated
Cross-site Scripting -- Remote with User Interaction
Provide Misleading Information -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2019-11479 CVE-2019-11478 CVE-2019-11477
CVE-2019-10245 CVE-2019-6454 CVE-2019-4046
CVE-2019-2684 CVE-2019-2602 CVE-2019-2449
CVE-2019-2426 CVE-2019-2422 CVE-2018-1000026
CVE-2018-18559 CVE-2018-18311 CVE-2018-14633
CVE-2018-12549 CVE-2018-12547 CVE-2018-11212
CVE-2018-1890 CVE-2018-0739 CVE-2018-0737
CVE-2018-0732 CVE-2018-0495 CVE-2017-15708
CVE-2017-7957 CVE-2017-3735 CVE-2016-1000031
CVE-2016-10707 CVE-2016-3674 CVE-2016-3092
CVE-2015-9251 CVE-2015-8830 CVE-2015-7501
CVE-2015-6420 CVE-2015-5262 CVE-2014-6071
CVE-2014-3577 CVE-2014-0050 CVE-2013-7285
CVE-2013-0248 CVE-2012-6708 CVE-2012-5783
Reference: ASB-2019.0221
ASB-2019.0220
ASB-2019.0218
ESB-2019.1495
ESB-2019.1488
ESB-2019.1484
Original Bulletin:
http://www.ibm.com/support/docview.wss?uid=ibm10967469
- --------------------------BEGIN INCLUDED TEXT--------------------
Security Bulletin: IBM Security Privileged Identity Manager is affected by
multiple vulnerabilities
PSIRT
Document information
More support for: IBM Security Privileged Identity Manager
Component: --
Software version: 2.1.1
Operating system(s): Linux
Reference #: 0967469
Modified date: 16 August 2019
Summary
IBM Security Privileged Identity Manager has addressed the following
vulnerabilities.
Vulnerability Details
CVEID: CVE-2012-6708
DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper
validation of user-supplied input by the jQuery(strInput) function. A remote
attacker could exploit this vulnerability using the to inject malicious script
into a Web page which would be executed in a victim's Web browser within the
security context of the hosting Web site, once the page is viewed. An attacker
could use this vulnerability to steal the victim's cookie-based authentication
credentials.
CVSS Base Score: 6.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
138055 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
CVEID: CVE-2014-6071
DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper
validation of user-supplied input by the index.php script. A remote attacker
could exploit this vulnerability to inject malicious script into a Web page
which would be executed in a victim's Web browser within the security context
of the hosting Web site, once the page is viewed. An attacker could use this
vulnerability to steal the victim's cookie-based authentication credentials.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
95670 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVEID: CVE-2015-9251
DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper
validation of user-supplied input. A remote attacker could exploit this
vulnerability using a specially-crafted URL to execute script in a victim's
Web browser within the security context of the hosting Web site, once the URL
is clicked. An attacker could use this vulnerability to steal the victim's
cookie-based authentication credentials.
CVSS Base Score: 6.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
138029 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
CVEID: CVE-2016-10707
DESCRIPTION: jQuery is vulnerable to a denial of service, caused by removing a
logic that lowercased attribute names. By using a mixed-cased name for boolean
attributes, a remote attacker could exploit this vulnerability to cause a
denial of service condition.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
138030 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2014-3577
DESCRIPTION: Apache HttpComponents could allow a remote attacker to conduct
spoofing attacks, caused by the failure to verify that the server hostname
matches a domain name in the Subject's Common Name (CN) or SubjectAltName
field of certificates. By persuading a victim to visit a Web site containing a
specially-crafted certificate, an attacker could exploit this vulnerability
using man-in-the-middle techniques to spoof an SSL server.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
95327 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVEID: CVE-2012-5783
DESCRIPTION: Apache Commons HttpClient, as used in Amazon Flexible Payments
Service (FPS) merchant Java SDK and other products, could allow a remote
attacker to conduct spoofing attacks, caused by the failure to verify that the
server hostname matches a domain name in the subject's Common Name (CN) field
of the X.509 certificate. By persuading a victim to visit a Web site
containing a specially-crafted certificate, an attacker could exploit this
vulnerability using man-in-the-middle techniques to spoof an SSL server.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
79984 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVEID: CVE-2015-5262
DESCRIPTION: Apache Commons is vulnerable to a denial of service, caused by
the failure to apply a configured connection during the initial handshake of
an HTTPS connection by the HttpClient component. An attacker could exploit
this vulnerability to accumulate multiple connections and exhaust all
available resources.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
106932 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2016-3092
DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an
error in the Apache Commons FileUpload component. By sending file upload
requests, an attacker could exploit this vulnerability to cause the server to
become unresponsive.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
114336 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2016-1000031
DESCRIPTION: Apache Commons FileUpload, as used in Novell NetIQ Sentinel and
other products, could allow a remote attacker to execute arbitrary code on the
system, caused by deserialization of untrusted data in DiskFileItem class of
the FileUpload library. A remote attacker could exploit this vulnerability to
execute arbitrary code under the context of the current process.
CVSS Base Score: 9.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
117957 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2014-0050
DESCRIPTION: Apache Commons FileUpload, as used in Apache Tomcat, Solr, and
other products is vulnerable to a denial of service, caused by the improper
handling of Content-Type HTTP header for multipart requests by
MultipartStream.java. An attacker could exploit this vulnerability using a
specially crafted Content-Type header to cause the application to enter into
an infinite loop.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
90987 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVEID: CVE-2013-0248
DESCRIPTION: Apache Commons FileUpload could allow a local attacker to launch
a symlink attack. Temporary files are created insecurely. A local attacker
could exploit this vulnerability by creating a symbolic link from a temporary
file to various files on the system, which could allow the attacker to
overwrite arbitrary files on the system with elevated privileges.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
82618 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P)
CVEID: CVE-2015-7501
DESCRIPTION: Apache Commons Collections could allow a remote attacker to
execute arbitrary code on the system, caused by the deserialization of data
with Java InvokerTransformer class. By sending specially crafted data, an
attacker could exploit this vulnerability to execute arbitrary Java code on
the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
107918 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2017-15708
DESCRIPTION: Apache Synapse could allow a remote attacker to execute arbitrary
code on the system, caused by a flaw in the Apache Commons Collections. By
injecting specially-crafted serialized objects, an attacker could exploit this
vulnerability to execute arbitrary code on the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
136262 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2015-6420
DESCRIPTION: Apache Commons Collections could allow a remote attacker to
execute arbitrary code on the system, caused by the deserialization of data
with Java InvokerTransformer class. By sending specially crafted data, an
attacker could exploit this vulnerability to execute arbitrary Java code on
the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
107918 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2013-7285
DESCRIPTION: XStream could allow a remote attacker to execute arbitrary code
on the system, caused by an error in the XMLGenerator API. An attacker could
exploit this vulnerability to execute arbitrary code on the system or cause
the application to crash.
CVSS Base Score: 6.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
90229 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVEID: CVE-2017-7957
DESCRIPTION: XStream is vulnerable to a denial of service, caused by the
improper handling of attempts to create an instance of the primitive type
'void' during unmarshalling. A remote attacker could exploit this
vulnerability to cause the application to crash.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
125800 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2016-3674
DESCRIPTION: XStream could allow a remote attacker to obtain sensitive
information, caused by an error when processing XML external entities. By
sending specially-crafted XML data, an attacker could exploit this
vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
111806 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2018-0732
DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the
sending of a very large prime value to the client by a malicious server during
key agreement in a TLS handshake. By spending an unreasonably long period of
time generating a key for this prime, a remote attacker could exploit this
vulnerability to cause the client to hang.
CVSS Base Score: 3.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
144658 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2018-0739
DESCRIPTION: OpenSSL is vulnerable to a denial of service. By sending
specially crafted ASN.1 data with a recursive definition, a remote attacker
could exploit this vulnerability to consume excessive stack memory.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
140847 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2018-0737
DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive
information, caused by a cache-timing side channel attack in the RSA Key
generation algorithm. An attacker with access to mount cache timing attacks
during the RSA key generation process could exploit this vulnerability to
recover the private key and obtain sensitive information.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
141679 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2018-0495
DESCRIPTION: GnuPG Libgcrypt could allow a local attacker to obtain sensitive
information, caused by a memory-cache side-channel attack on ECDSA signatures
in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c. An attacker could
exploit this vulnerability to recover ECDSA or DSA private keys.
CVSS Base Score: 5.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
144828 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2017-3735
DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive
information, caused by an error while parsing an IPAdressFamily extension in
an X.509 certificate. An attacker could exploit this vulnerability to trigger
an out-of-bounds read, resulting in an incorrect text display of the
certificate.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
131047 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)
CVEID: CVE-2018-18311
DESCRIPTION: Perl is vulnerable to a heap-based buffer overflow, caused by an
integer overflow in the Perl_my_setenv function. By sending a
specially-crafted request, a local attacker could overflow a buffer and
execute arbitrary code or cause a denial of service condition.
CVSS Base Score: 8.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
153586 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2015-8830
DESCRIPTION: Linux Kernel could allow a remote attacker to execute arbitrary
code on the system, caused by an integer overflow in the AIO interface. By
applying to certain filesystems, socket or device types, an attacker could
exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
111186 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2018-1000026
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by the
improper validation of user-supplied input by the bnx2x network card driver.
By sending specially crafted GSO packets, a remote attacker could exploit this
vulnerability to cause an assertion and take the card off-line.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
138955 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2018-14633
DESCRIPTION: Linux Kernel is vulnerable to a stack-based buffer overflow,
caused by improper bounds checking by the chap_server_compute_md5() function.
If the iSCSI target to be enabled on the victim host, an attacker could
overflow a buffer and execute arbitrary code on the system or cause the system
to crash.
CVSS Base Score: 7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
150238 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H)
CVEID: CVE-2018-18559
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
use-after-free when there is an incomplete fix for a race condition between
fanout_add from setsockopt and bind on an AF_PACKET socket. By sending a
specially crafted packet, a remote attacker could exploit this vulnerability
to achieve Program Counter control and cause the kernel to crash.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
151816 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2019-10245
DESCRIPTION: Eclipse OpenJ9 is vulnerable to a denial of service, caused by
the execution of a method past the end of bytecode array by the Java bytecode
verifier. A remote attacker could exploit this vulnerability to cause the
application to crash.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
160010 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2019-2602
DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the
Java SE, Java SE Embedded Libraries component could allow an unauthenticated
attacker to cause a denial of service resulting in a high availability impact
using unknown attack vectors.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
159698 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2019-2684
DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the
Java SE, Java SE Embedded RMI component could allow an unauthenticated
attacker to cause no confidentiality impact, high integrity impact, and no
availability impact.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
159776 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID: CVE-2018-1890
DESCRIPTION: IBM SDK, Java Technology Edition Version 8 on the AIX platform
uses absolute RPATHs which may facilitate code injection and privilege
elevation by local users.
CVSS Base Score: 5.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
152081 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L)
CVEID: CVE-2018-12549
DESCRIPTION: Eclipse OpenJ9 could allow a remote attacker to execute arbitrary
code on the system, caused by the failure to omit a null check on the receiver
object of an Unsafe call when accelerating it. An attacker could exploit this
vulnerability to execute arbitrary code on the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
157513 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2018-12547
DESCRIPTION: Eclipse OpenJ9 is vulnerable to a buffer overflow, caused by
improper bounds checking by the jio_snprintf() and jio_vsnprintf() functions.
By sending an overly long argument, a remote attacker could overflow a buffer
and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 9.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
157512 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2019-2422
DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the
Java SE Libraries component could allow an unauthenticated attacker to obtain
sensitive information resulting in a low confidentiality impact using unknown
attack vectors.
CVSS Base Score: 3.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
155741 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N)
CVEID: CVE-2019-2449
DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the
Java SE Deployment component could allow an unauthenticated attacker to cause
a denial of service resulting in a low availability impact using unknown
attack vectors.
CVSS Base Score: 3.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
155766 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID: CVE-2019-2426
DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the
Java SE Networking component could allow an unauthenticated attacker to obtain
sensitive information resulting in a low confidentiality impact using unknown
attack vectors.
CVSS Base Score: 3.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
155744 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID: CVE-2018-11212
DESCRIPTION: libjpeg is vulnerable to a denial of service, caused by
divide-by-zero error in the alloc_sarray function in jmemmgr.c. By persuading
a victim to open a specially-crafted file, a remote attacker could exploit
this vulnerability to cause the application to crash.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
143429 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID: CVE-2019-4046
DESCRIPTION: IBM WebSphere Application Server is vulnerable to a denial of
service, caused by improper handling of request headers. A remote attacker
could exploit this vulnerability to cause the consumption of Memory.
CVSS Base Score: 5.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
156242 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2019-6454
DESCRIPTION: systemd is vulnerable to a denial of service, caused by a flaw in
the bus_process_object function in bus-objects.c. By sending a
specially-crafted DBUS nessage, a local authenticated attacker could exploit
this vulnerability to crash PID 1 and result in a subsequent kernel panic.
CVSS Base Score: 5.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
157193 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2019-11479
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a
flaw when processing minimum segment size (MSS). By sending specially-crafted
MSS traffic, a remote attacker could exploit this vulnerability to cause
excess usage of system resources.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
162665 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2019-11478
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an
issue with fragmenting the TCP retransmission queue when processing TCP
Selective Acknowledgement (SACK) capabilities. By sending specially-crafted
SACKs requests, a remote attacker could exploit this vulnerability to cause an
excess of system resource usage.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
162664 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2019-11477
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an
integer overflow when processing TCP Selective Acknowledgement (SACK)
capabilities. By sending specially-crafted SACKs requests, a remote attacker
could exploit this vulnerability to cause a kernel panic condition.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
162662 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
IBM Security Privileged Identity Manager (ISPIM) 2.1.1
Remediation/Fixes
Product VRMF Remediation
IBM Security Privileged Identity Manager 2.1.1 2.1.1-ISS-ISPIM-VA-FP0003
Change History
02 July 2019: Original Version Published
*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an "industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXVn3GGaOgq3Tt24GAQiRTA//X/lAURdeLkWABlUTC6QeGphtzTVgUjZA
+cHwfuvfBCxVJ3nS1LQ6Z1PtjB48Ht+qpHq6/LSAYjZfnw9khnN9wqJQSDdzmhau
FYPhiML4luoWiFWkz3XxNOTb3ejY+pNRrcwnk/zLW86ylRx0ho4X736Ul3URKfGX
a0vI4N8Drtjz05APZnFh7YFyXPpKWxAbHTYc4Wths/zALqeiC81H7xk6Nu7ldcTp
dSTD+7V9sCil3d693zwap5VFo/9aO4Zs/6El/mSp0Z0XpDGhR5z4GMInhkCfpEcX
7S8SvOPoDT40C3cMjhnSMGAD/Hk2odK6NgjXfsMqEMy3dvtbvjpUn6UfGx46IhAs
NnlsbKRF/vmBvy+09HhYPIlagLPEDagBpgufgHs/JJaGxF/FMLg/WvAhSLiEW1D9
RyOu2cNiuet+w2hpbtLwmGPZ0MT9xq1WPyYofYgA5e3hCkxb2oZRpiihZqKk8Uli
+012m2eaooycEUK43hQK+l1YxiakOLAoX+PuXtLWp5XBZkn5nD/EjqfOd61qUiQ3
iyGyT/BLIf7h+2/tHS4fGNSgqrCSIMduhsMvovx6om7pgy4HB7vsyDUXtVXJhMLp
q515xrxcKNAZNmCPjUMC/Y40a7t87HQaV4aX/b9ajP7yR94JlF8n5xHr6KLSxVYE
zIfuonUcsBo=
=p93A
-----END PGP SIGNATURE-----