-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.3529
                IBM Watson Explorer receives security fixes
                             18 September 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Watson Explorer products
Publisher:         IBM
Operating System:  Windows
                   Linux variants
                   AIX
Impact/Access:     Access Privileged Data         -- Remote with User Interaction
                   Denial of Service              -- Remote/Unauthenticated      
                   Provide Misleading Information -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-15756 CVE-2018-8039 

Reference:         ESB-2018.3957
                   ESB-2018.0660.10

Original Bulletin: 
   http://www.ibm.com/support/docview.wss?uid=ibm10882008
   http://www.ibm.com/support/docview.wss?uid=ibm10742661

Comment: This bulletin contains two (2) IBM security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

Vulnerability affects Watson Explorer Foundational Components (CVE-2018-15756)

Security Bulletin

Summary

Security vulnerability affects IBM Watson Explorer Foundational Components.

Vulnerability Details

CVEID: CVE-2018-15756
DESCRIPTION: Pivotal Spring Framework is vulnerable to a denial of service,
caused by improper handling of HTTP Range requests by the
ResourceHttpRequestHandler when it serves static resources. By sending a Range
header with a high number of ranges, or a number of wide ranges that overlap,
a remote unauthenticated attacker could exploit this vulnerability to cause a
denial of service condition. Only applications that serve static resources
through Spring MVC (or, from Spring 5.0, return a Resource from a controller)
are exposed; upstream fixes are in Spring Framework 4.3.20, 5.0.10 and 5.1.1.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/151641 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
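
The following is an added example, not IBM's or Spring's code, showing the check a front-end filter or application can apply before honouring a multi-range request: refuse the header when it carries more than a fixed number of ranges, and refuse it when the ranges add up to more bytes than the resource itself (the amplification from overlapping wide ranges). The cap of 100 ranges and the "total must not exceed the resource length" rule are assumptions chosen for the example, not values taken from the bulletin; the sample headers are constructed.

```python
"""Guard against abusive HTTP Range headers (CVE-2018-15756 bug class).

Added example, not code from IBM or the Spring Framework. MAX_RANGES is
an assumed cap for illustration; tune it to what the origin can serve.
"""
import re

MAX_RANGES = 100                      # assumption, not from the bulletin
_SPEC = re.compile(r"^(\d*)-(\d*)$")  # one RFC 7233 byte-range-spec


class RangeNotSatisfiable(ValueError):
    """Raised when the header must be refused (answer with HTTP 416)."""


def parse_ranges(header, resource_length, max_ranges=MAX_RANGES):
    """Parse a bytes Range header into inclusive (start, end) pairs.

    Refuses the request early when the number of range specs exceeds
    max_ranges, before any per-range work is done, and refuses it when
    the satisfiable ranges together exceed the resource length, which
    catches overlapping wide ranges. Unsatisfiable single specs are
    dropped, as RFC 7233 allows; a header with none left is refused.
    """
    if resource_length <= 0:
        raise RangeNotSatisfiable("empty resource cannot satisfy a range")
    if not header.startswith("bytes="):
        raise RangeNotSatisfiable("unsupported range unit")
    specs = [s.strip() for s in header[len("bytes="):].split(",")]
    if len(specs) > max_ranges:
        raise RangeNotSatisfiable(
            f"{len(specs)} ranges exceeds limit of {max_ranges}")
    ranges = []
    for spec in specs:
        m = _SPEC.match(spec)
        if m is None or spec == "-":
            raise RangeNotSatisfiable(f"malformed range spec {spec!r}")
        first, last = m.group(1), m.group(2)
        if first == "":                       # suffix form: last N bytes
            n = int(last)
            if n == 0:
                continue
            ranges.append((max(resource_length - n, 0), resource_length - 1))
            continue
        start = int(first)
        if last != "" and int(last) < start:
            raise RangeNotSatisfiable("last-byte-pos before first-byte-pos")
        if start >= resource_length:          # unsatisfiable: ignore it
            continue
        end = resource_length - 1 if last == "" else min(int(last), resource_length - 1)
        ranges.append((start, end))
    if not ranges:
        raise RangeNotSatisfiable("no satisfiable ranges")
    if total_bytes(ranges) > resource_length:
        raise RangeNotSatisfiable("ranges would emit more than the resource")
    return ranges


def total_bytes(ranges):
    """Bytes the server would have to emit for the parsed ranges."""
    return sum(end - start + 1 for start, end in ranges)


def check_request(header, resource_length):
    """Return (status, ranges): 206 with the ranges to serve, or 416 and []."""
    try:
        return 206, parse_ranges(header, resource_length)
    except RangeNotSatisfiable:
        return 416, []


if __name__ == "__main__":
    # Constructed headers: a benign two-range request and an abusive one
    # carrying far more ranges than any client needs for a 1000-byte file.
    benign = "bytes=0-99,200-299"
    abusive = "bytes=" + ",".join(f"{i}-{i}" for i in range(100000))
    print(check_request(benign, 1000))
    print(check_request(abusive, 1000))
```

The count check runs before any range is parsed, so the cost of an abusive header is one string split rather than per-range work and per-range I/O; the header-size limit of the front-end proxy bounds that split. Patching Spring remains the fix; a filter like this only limits exposure while the upgrade is scheduled.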

Affected Products and Versions

The vulnerability applies to the following product and version:

   Watson Explorer Foundational Components versions 12.0.0, 12.0.1, 12.0.2.0 -
    12.0.2.2
   Watson Explorer Foundational Components versions 11.0.2.0 - 11.0.2.4

Remediation/Fixes

Follow these steps to upgrade to the required version of Spring Framework.

The table reflects product names at the time the specified versions were
released. To use the links to Fix Central in this table, you must first log in
to the IBM Support: Fix Central site at http://www.ibm.com/support/fixcentral/.

+------------+--------+---------------------------------------------------------+
|  Affected  |Affected|                                                         |
|  Product   |Versions|            How to acquire and apply the fix             |
+------------+--------+---------------------------------------------------------+
|IBM Watson  |12.0.0, |Upgrade to Version 12.0.3.                               |
|Explorer DAE|12.0.1, |                                                         |
|Foundational|12.0.2.0|See Watson Explorer Version 12.0.3 Foundational          |
|Components  |-       |Components for download information and instructions.    |
|            |12.0.2.2|                                                         |
+------------+--------+---------------------------------------------------------+
|IBM Watson  |11.0.2.0|Upgrade to Version 11.0.2.5.                             |
|Explorer    |-       |                                                         |
|Foundational|11.0.2.4|See Watson Explorer Version 11.0.2.5 Foundational        |
|Components  |        |Components for download information and instructions.    |
+------------+--------+---------------------------------------------------------+

- --------------------------------------------------------------------------------

Vulnerabilities exist in Watson Explorer Analytical Components and Watson
Content Analytics (CVE-2018-8039)

Security Bulletin

Summary

Security vulnerabilities have been identified in IBM Watson Explorer Analytical
Components, Watson Explorer Foundational Components Annotation Administration
Console, and IBM Watson Content Analytics.

Vulnerability Details

CVEID: CVE-2018-8039
DESCRIPTION: Apache CXF could allow a remote attacker to conduct a
man-in-the-middle attack. When CXF is configured to use the legacy
com.sun.net.ssl stack (java.protocol.handler.pkgs set to
com.sun.net.ssl.internal.www.protocol), the reflection code that adapts CXF's
HostnameVerifier to the old interface catches the resulting exception instead
of propagating it, so TLS hostname verification silently passes and a
certificate issued for a different name is accepted. An attacker positioned
between a CXF client and its server could exploit this to launch a
man-in-the-middle attack. The upstream fix is in Apache CXF 3.1.16 and 3.2.5.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/145516 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
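
The following is an added example, not Apache CXF's or IBM's code, illustrating the bug class behind this CVE: a hostname verifier is correct in itself, but an adapter around it catches the verifier's error and reports success, so a certificate for the wrong name is accepted. The certificate dictionaries mirror the shape Python's ssl.getpeercert() returns and are constructed for the example; the matching rules (exact dNSName, a single wildcard as the whole leftmost label, iPAddress entries for IP literals) are the usual RFC 6125 ones, not CXF's implementation.

```python
"""Fail-closed versus fail-open TLS hostname verification.

Added example, not code from Apache CXF or IBM. Shows how swallowing the
verifier's exception (the CVE-2018-8039 bug class) turns a mismatch into
an accepted connection, and what the corrected, fail-closed shape is.
"""
import ipaddress


class HostnameMismatch(Exception):
    """The presented certificate does not cover the requested host."""


def _match_dns(pattern, hostname):
    """Match a dNSName SAN against a host: exact, or '*' as whole left label."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    # No partial-label wildcards, no multi-level matches, no '*.com'.
    if p_labels[0] != "*" or len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def verify_hostname(cert, hostname):
    """Fail-closed verifier: True on a SAN match, HostnameMismatch otherwise."""
    sans = cert.get("subjectAltName", ())
    if not sans:
        raise HostnameMismatch("certificate carries no subjectAltName")
    try:
        ip = ipaddress.ip_address(hostname)
    except ValueError:
        ip = None
    for kind, value in sans:
        if ip is not None and kind == "IP Address" and ipaddress.ip_address(value) == ip:
            return True
        if ip is None and kind == "DNS" and _match_dns(value, hostname):
            return True
    raise HostnameMismatch(f"{hostname!r} is not covered by {sans}")


class FailOpenVerifier:
    """The vulnerable shape: the adapter swallows the verifier's exception.

    Every verification error, including a genuine name mismatch, is
    reported as success, which is what lets an attacker's certificate in.
    """
    def verify(self, cert, hostname):
        try:
            return verify_hostname(cert, hostname)
        except Exception:          # BUG: failure is turned into acceptance
            return True


class FailClosedVerifier:
    """The corrected shape: errors propagate and the handshake is aborted."""
    def verify(self, cert, hostname):
        return verify_hostname(cert, hostname)


def handshake_accepted(verifier, cert, hostname):
    """True if a client using `verifier` would proceed with the connection."""
    try:
        return bool(verifier.verify(cert, hostname))
    except HostnameMismatch:
        return False


# Constructed certificates in ssl.getpeercert() layout (example data only).
LEGIT_CERT = {
    "subject": ((("commonName", "api.example.com"),),),
    "subjectAltName": (("DNS", "api.example.com"), ("DNS", "*.svc.example.com")),
}
ATTACKER_CERT = {
    "subject": ((("commonName", "attacker.example.net"),),),
    "subjectAltName": (("DNS", "attacker.example.net"), ("IP Address", "203.0.113.5")),
}

if __name__ == "__main__":
    for v in (FailClosedVerifier(), FailOpenVerifier()):
        print(type(v).__name__,
              "legit:", handshake_accepted(v, LEGIT_CERT, "api.example.com"),
              "attacker:", handshake_accepted(v, ATTACKER_CERT, "api.example.com"))
```

The practical check for a deployed client is the same as the last line of the demo: point it at an endpoint presenting a certificate for a different name and confirm the handshake is refused. A client that connects anyway has a fail-open verifier somewhere in its stack, whether or not that stack is CXF.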

Affected Products and Versions

To see which vulnerabilities apply to your product and version, see the
applicable row in the following table.

+-------------------------+--------------+------------------------------------+
|Affected Product         |Affected      |Applicable Vulnerabilities          |
|                         |Versions      |                                    |
+-------------------------+--------------+------------------------------------+
|Watson Explorer          |11.0.0.0 -    |CVE-2018-8039                       |
|Analytical Components    |11.0.0.3,     |                                    |
|                         |11.0.1,       |                                    |
|                         |11.0.2.0 -    |                                    |
|                         |11.0.2.3      |                                    |
+-------------------------+--------------+------------------------------------+
|Watson Explorer          |11.0.0.0 -    |CVE-2018-8039                       |
|Foundational Components  |11.0.0.3,     |                                    |
|Annotation Administration|11.0.1,       |                                    |
|Console                  |11.0.2.0 -    |                                    |
|                         |11.0.2.2      |                                    |
+-------------------------+--------------+------------------------------------+
|Watson Explorer          |10.0.0.0 -    |CVE-2018-8039                       |
|Analytical Components    |10.0.0.2      |                                    |
+-------------------------+--------------+------------------------------------+
|Watson Explorer          |10.0.0.0 -    |CVE-2018-8039                       |
|Foundational Components  |10.0.0.2      |                                    |
|Annotation Administration|              |                                    |
|Console                  |              |                                    |
+-------------------------+--------------+------------------------------------+
|Watson Content Analytics |3.5.0.0 -     |CVE-2018-8039                       |
|                         |3.5.0.4       |                                    |
+-------------------------+--------------+------------------------------------+

Remediation/Fixes

For information about fixes, see the applicable row in the following table. The
table reflects product names at the time the specified versions were released.
To use the links to Fix Central in this table, you must first log in to the IBM
Support: Fix Central site at http://www.ibm.com/support/fixcentral/.

+--------------+----------+-------------+--------------------------------------------------+
|Affected      |Affected  |Vulnerability|Fix                                               |
|Product       |Versions  |             |                                                  |
+--------------+----------+-------------+--------------------------------------------------+
|Watson        |11.0.0.0 -|CVE-2018-8039|Upgrade to Watson Explorer Analytical Components  |
|Explorer      |11.0.0.3, |             |Version 11.0.2 Fix Pack 4. For information about  |
|Analytical    |11.0.1,   |             |this version, and links to the software and       |
|Components    |11.0.2.0 -|             |release notes, see the download document . For    |
|              |11.0.2.3  |             |information about upgrading, see the upgrade      |
|              |          |             |procedures .                                      |
+--------------+----------+-------------+--------------------------------------------------+
|Watson        |11.0.0.0 -|CVE-2018-8039|Upgrade to Watson Explorer Foundational Components|
|Explorer      |11.0.0.3, |             |Annotation Administration Console Version 11.0.2  |
|Foundational  |11.0.1,   |             |Fix Pack 4. For information about this version,   |
|Components    |11.0.2.0 -|             |and links to the software and release notes, see  |
|Annotation    |11.0.2.2  |             |the download document . For information about     |
|Administration|          |             |upgrading, see the upgrade procedures .           |
|Console       |          |             |                                                  |
+--------------+----------+-------------+--------------------------------------------------+
|Watson        |10.0.0.0 -|CVE-2018-8039|Important: Perform these steps as a Watson        |
|Explorer      |10.0.0.2  |             |Explorer Analytical Components administrative     |
|Analytical    |          |             |user, typically esadmin.                          |
|Components    |          |             |                                                  |
|              |          |             | 1. If not already installed, install V10.0 Fix   |
|              |          |             |    Pack 2 (see the Fix Pack download document ). |
|              |          |             | 2. Download the package from Fix Central :       |
|              |          |             |    interim fix                                   |
|              |          |             |    10.0.0.2-WS-WatsonExplorer-AEAnalytical-IF003 |
|              |          |             |    or later and extract the contents of the fix  |
|              |          |             |    into a temporary directory.                   |
|              |          |             | 3. See the Updating WebSphere Liberty used in IBM|
|              |          |             |    Watson Explorer Analytical Components for     |
|              |          |             |    detailed instructions how to apply the fix.   |
+--------------+----------+-------------+--------------------------------------------------+
|Watson        |10.0.0.0 -|CVE-2018-8039|Important: Perform these steps as a Watson        |
|Explorer      |10.0.0.5  |             |Explorer Annotation Administration Console        |
|Foundational  |          |             |administrative user, typically esadmin.           |
|Components    |          |             |                                                  |
|Annotation    |          |             | 1. If not already installed, install V10.0 Fix   |
|Administration|          |             |    Pack 5 (see the Fix Pack download document ). |
|Console       |          |             | 2. Download the package from Fix Central :       |
|              |          |             |    interim fix 10.0.0.5-WS-WatsonExplorer-       |
|              |          |             |    <edition>FoundationalAAC-IF001 or later and   |
|              |          |             |    extract the contents of the fix into a        |
|              |          |             |    temporary directory.                          |
|              |          |             | 3. To install the fix, see Updating WebSphere    |
|              |          |             |    Liberty used in IBM Watson Explorer Analytical|
|              |          |             |    Components .                                  |
+--------------+----------+-------------+--------------------------------------------------+
|Watson Content|3.5.0.0 - |CVE-2018-8039|Important: Perform these steps as a Watson Content|
|Analytics     |3.5.0.4   |             |Analytics administrative user, typically esadmin. |
|              |          |             |                                                  |
|              |          |             | 1. If not already installed, install V3.5.0.4.   |
|              |          |             |    For information about this version, and links |
|              |          |             |    to the software and release notes, see the    |
|              |          |             |    download document . For information about     |
|              |          |             |    upgrading, see the upgrade procedures .       |
|              |          |             | 2. Download the package from Fix Central :       |
|              |          |             |    interim fix 3.5.0.4-WT-WCA-IF002 and extract  |
|              |          |             |    the contents of the fix into a temporary      |
|              |          |             |    directory.                                    |
|              |          |             | 3. To install the fix, see Updating WebSphere    |
|              |          |             |    Liberty used in IBM Watson Explorer Analytical|
|              |          |             |    Components .                                  |
+--------------+----------+-------------+--------------------------------------------------+

Workarounds and Mitigations

None.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXYGr42aOgq3Tt24GAQjY3BAA2wAq2scrMZZFeXyiECd6eoTmxbZIAJ/s
MDZlnD/AhbY+lywNtnyg4N9DvNBcqNYJb4S0edYX3T1vR0T+S4cDlL8X0L8MORQq
hselfMWAsSUpkFvlDVs2ZBXfysuEtFpEhx5A+iNcrcZ4KtO1nlbVt1j7z1LXh8er
ewAwARIkhOXCMWrKu6AwW+yrKl/2CjmeTsHiILpf6xFSZk/jeZCkmVJ+sTdfW3Se
XXdNRqIN7FKF0tpMNN3yfnx4RBs1xmGODT/zTLPcPeWAje6m/cKnrUuxPDDc7NWt
cxVZ4wCHDowilQzFSR8OKUYu0DiF8tRtGBhHfUwwNL7SjaVG0mNpKV9mpZnZow/U
g5zETD8g4GzgZcslzuIxeM/99l+qN7klzp6oa+WNvUxnYqGwVg7DboxColjhRMVd
9fsIthRfDUiNA9xbfllorMjJ+EQROTlsBW3mkofsXqWf+Q265OOBTf6c6ESuzq3q
2PUcuhrfWufULhjR3ykLBCaa1etuiuus/bnmz7cMF7w72i6AIbGGDSoYy9UB8col
4DHD853tG4rKcG8ud2urScuJYup2VnUBAf0DAgl82uUlOwHVRFYcO/LrAQJT/Y4C
Ubo3p5bKQVI6RgGTvC6x9qcpGL8ufEhgytOzB1Duc5Wog2kt4lRaF4+FDgdKGp5I
xx7PSAlKM34=
=o6bV
-----END PGP SIGNATURE-----