Security Bulletin: Vulnerabilities in AppScan Enterprise, PolicyTester and Reporting Console

Abstract

During an advanced ethical hacking activity conducted by IBM security experts, part of the product testing mandated by the IBM Secure Engineering Framework, a series of security flaws was uncovered in IBM Rational AppScan Enterprise Edition, IBM Rational AppScan Tester Edition, IBM Rational AppScan Reporting Console and IBM Rational Policy Tester, versions 5.2 through 8.5.

These vulnerabilities are addressed in a recently released product fix pack: 8.5.0.1 Fix Pack.

Content

VULNERABILITY DETAILS

CVE ID(s): CVE-2012-0731, CVE-2012-0733, CVE-2012-0734, CVE-2012-0735, CVE-2012-0736

DESCRIPTION: IBM Rational AppScan Enterprise may be vulnerable to several attacks caused by the impersonation of a service account with administrative privileges.

CVE-2012-0731
CVSS Base Score: 6.8
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/74371 for the current score
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:L/Au:S/C:C/I:N/A:N)

CVE-2012-0733
CVSS Base Score: 6
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/74374 for the current score
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:M/Au:S/C:P/I:P/A:P)

CVE-2012-0734
CVSS Base Score: 7.6
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/74557 for the current score
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVE-2012-0735
CVSS Base Score: 7.6
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/74558 for the current score
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVE-2012-0736
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/74559 for the current score
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:M/Au:N/C:C/I:C/A:C)


CVE ID: CVE-2012-0729
DESCRIPTION: IBM Rational AppScan Enterprise could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions on an administrative page.
CVSS Base Score: 6.5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/74366 for the current score
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:M/Au:S/C:P/I:P/A:P)
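The upload issue above is caused by insufficient validation of file extensions on an administrative page. As an added illustration that is not IBM's code and does not describe how AppScan itself validates uploads, the following Python function shows the server-side name check a defender would want in place of a naive "ends with .pdf" test: it strips directory components in both separator styles, rejects null bytes, undoes the trailing-dot/space stripping Windows performs on file creation, restricts the stem to a safe character set (so double extensions such as `x.aspx.pdf` are rejected rather than silently accepted), and compares the final extension case-insensitively against an allowlist. The allowlist contents and the sample names are constructed for the example.

```python
import ntpath
import posixpath
import re

# Constructed allowlist for the example; a real deployment lists only the
# types the administrative page genuinely needs to accept.
ALLOWED_EXTENSIONS = {"pdf", "xml", "txt"}

# Stem may only contain characters that cannot form a second extension or
# a path component; length is capped to keep on-disk names predictable.
SAFE_STEM = re.compile(r"[A-Za-z0-9_-]{1,64}")


def validate_upload_name(raw_name, allowed=ALLOWED_EXTENSIONS):
    """Return (accepted, detail).

    On acceptance `detail` is the normalised file name; on rejection it is
    the reason. Every rejection branch corresponds to a way a simple
    extension check can be bypassed or can yield an unexpected on-disk name.
    """
    if not raw_name:
        return False, "empty name"
    if "\x00" in raw_name:
        # A null byte can truncate the name in lower layers so that a
        # different extension is checked than the one that is written.
        return False, "null byte in name"

    # Drop any directory part. Both separator families are handled because
    # the server may run on Windows while the client sends POSIX paths.
    name = ntpath.basename(posixpath.basename(raw_name))

    # Windows silently removes trailing dots and spaces when creating a
    # file, so "tool.exe. " would land on disk as "tool.exe".
    name = name.rstrip(". ")
    if name in ("", ".", ".."):
        return False, "no usable file name"

    stem, dot, ext = name.rpartition(".")
    if not dot or not stem:
        return False, "no extension"
    if not SAFE_STEM.fullmatch(stem):
        return False, "stem contains disallowed characters (including extra dots)"

    ext = ext.lower()
    if ext not in allowed:
        return False, f"extension '.{ext}' is not in the allowlist"
    return True, f"{stem}.{ext}"
```

Even with this check in place, store the upload under a server-generated name and outside any web-served directory; the validated name is only used as a display label.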

CVE ID: CVE-2012-0737
DESCRIPTION: IBM Rational AppScan Enterprise is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVSS Base Score: 3.5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/74560 for the current score
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:M/Au:S/C:N/I:P/A:N)

CVE ID: CVE-2007-3633
DESCRIPTION: Rational AppScan Enterprise is vulnerable to a Chilkat Zip issue which could allow an attacker to overwrite system files using specially crafted zip files.
CVSS Base Score: 9.4
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/35294 for the current score
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:L/Au:N/C:N/I:C/A:C)
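The Chilkat Zip issue above is the archive-extraction failure mode in which an entry name such as `../../x` or an absolute path is written outside the intended directory, overwriting system files. As an added example that is not IBM's or Chilkat's code, the Python below builds a small constructed archive containing one benign entry and two hostile ones, then extracts it with an explicit containment check: each member's target path is resolved with `realpath` and must remain under the destination directory, otherwise the entry is skipped and reported. The archive contents, the destination (a temporary directory) and the function names are assumptions of this example.

```python
import io
import os
import tempfile
import zipfile


def build_sample_zip():
    """Constructed sample archive: one benign entry plus two hostile ones."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("report/summary.txt", "benign content\n")
        zf.writestr("../../outside.txt", "tries to escape the extraction directory\n")
        zf.writestr("/etc/overwrite.txt", "absolute path aimed at a system location\n")
    return buf.getvalue()


def resolve_member(dest_dir, member_name):
    """Return the resolved on-disk path for a member, or None if it would
    land outside dest_dir (via '..', an absolute path, or a symlinked parent)."""
    dest_real = os.path.realpath(dest_dir)
    target = os.path.realpath(os.path.join(dest_real, member_name))
    try:
        if os.path.commonpath([dest_real, target]) != dest_real:
            return None
    except ValueError:  # different drives on Windows, etc.
        return None
    return target


def safe_extract(zip_bytes, dest_dir):
    """Extract only the members that stay inside dest_dir.

    Returns (extracted, rejected) lists of member names, in archive order.
    """
    extracted, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            target = resolve_member(dest_dir, info.filename)
            if target is None:
                rejected.append(info.filename)
                continue
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            # Write the bytes ourselves so the containment check above is the
            # only thing that decides where data goes.
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            extracted.append(info.filename)
    return extracted, rejected


def demo():
    """Run the extraction into a fresh temporary directory and report what happened."""
    with tempfile.TemporaryDirectory() as dest:
        extracted, rejected = safe_extract(build_sample_zip(), dest)
        benign = os.path.join(dest, "report", "summary.txt")
        return {
            "extracted": extracted,
            "rejected": rejected,
            "benign_present": os.path.isfile(benign),
        }


if __name__ == "__main__":
    print(demo())
```

Recent Python versions already strip leading separators and `..` components inside `ZipFile.extract()`, but an explicit check like `resolve_member` keeps the policy visible, logs what was rejected, and carries over to archive libraries that do no sanitising of their own.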

The following entries only apply to the 8.5.0.0 version of AppScan Enterprise, AppScan Tester, and Policy Tester:

CVE ID: CVE-2012-0730
DESCRIPTION: IBM Rational AppScan Enterprise is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input by multiple scripts. By persuading an authenticated user to visit a malicious website, a remote attacker could gain administrative privileges on the AppScan Enterprise server.
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/74370 for the current score
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE ID: CVE-2012-0732
DESCRIPTION: IBM Rational AppScan Enterprise could allow a remote attacker to conduct spoofing attacks, caused by a failure to perform SSL certificate validation by the AppScan Enterprise Console client. A remote attacker could exploit this vulnerability using man-in-the-middle techniques to launch further attacks against the victim.
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/74389 for the current score
CVSS Environmental Score*: Undefined
CVSS String: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
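The spoofing issue above comes from a client that speaks TLS but never validates the server's certificate, so an interposed party can present any certificate and be accepted. As an added example, unrelated to how the AppScan Enterprise Console client is implemented, the Python below places the weak configuration beside the corrected one and adds a small audit function that a defender can run over any `ssl.SSLContext` in a code base to flag the same defect. The CA bundle argument and the function names are assumptions of this example.

```python
import ssl
from typing import List, Optional


def insecure_client_context() -> ssl.SSLContext:
    """The failure mode the CVE describes: TLS is used, but the peer is never
    authenticated. Any certificate, including one minted by a
    man-in-the-middle, is accepted."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # must be cleared before verify_mode can be lowered
    ctx.verify_mode = ssl.CERT_NONE   # no chain validation at all
    return ctx


def hardened_client_context(ca_bundle: Optional[str] = None) -> ssl.SSLContext:
    """Corrected configuration: chain validation against a trust store,
    hostname matching, and no pre-1.2 protocol versions."""
    ctx = ssl.create_default_context(cafile=ca_bundle)
    # create_default_context already sets these; restating them makes the
    # intent explicit so a later edit cannot quietly drop them.
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return a list of findings; an empty list means the context authenticates its peer."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED: the server certificate chain is not validated")
    if not ctx.check_hostname:
        findings.append("check_hostname is off: a valid certificate for some other host is accepted")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum_version permits TLS versions below 1.2")
    return findings


if __name__ == "__main__":
    for label, ctx in (("insecure", insecure_client_context()),
                       ("hardened", hardened_client_context())):
        print(label, audit_context(ctx) or "OK")
```

When a console client must trust an internal CA, pass that CA's bundle as `ca_bundle` rather than lowering `verify_mode`; disabling verification to make an internal certificate "work" reproduces exactly the condition this CVE describes.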



AFFECTED PLATFORMS: Versions 5.2 through 8.5 of AppScan Enterprise, AppScan Tester, Policy Tester and Reporting Console running on Microsoft Windows are affected.

REMEDIATION: The recommended solution is to apply the fix for each named product as soon as practical. Please see below for information about the fixes available.

Fix: For IBM Rational AppScan Enterprise, IBM Rational AppScan Tester Edition, IBM Rational Policy Tester and IBM Rational AppScan Reporting Console, from version 5.4 to version 8.5:
  • Apply the 8.5.0.1 Fix Pack
  • If you are unable to upgrade to version 8.5.0.1, contact IBM Technical Support.

Workaround: Not applicable; apply fixes.

REFERENCES:
· Complete CVSS Guide
· On-line Calculator V2

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this alert.

Note: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.


Cross reference information

Segment  | Product                            | Component           | Platform | Version       | Edition
---------|------------------------------------|---------------------|----------|---------------|--------------------------------
Security | Rational Policy Tester             | General Information |          | 5.6, 8.0, 8.5 | Accessibility, Privacy, Quality
Security | Rational AppScan Reporting Console | General Information | Windows  | 5.6, 8.0      | Reporting Console
Security | Rational AppScan Tester Edition    | General Information | Windows  | 5.6, 8.0      | Tester


Document information


More support for:

IBM Security AppScan Enterprise
General Support Issues

Software version:

5.6, 8.0, 8.5

Operating system(s):

Windows

Reference #:

1592188

Modified date:

2014-01-15
