Flashes (Alerts)
Abstract
Unspecified vulnerability in InfoSphere Guardium allows remote unauthenticated attackers to create unprivileged user accounts.
Content
VULNERABILITY DETAILS:
CVE ID: CVE-2012-3338
DESCRIPTION:
There is a way for an attacker to login to the InfoSphere Guardium User Interface with the known username and password he has created.
CVSS:
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/78286 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
AFFECTED PLATFORMS:
IBM InfoSphere Guardium 8.2 and earlier
REMEDIATION:
Apply the patch for password disclosure .
As of August 24, 2012, the latest Guardium patches and GPU fixpacks for all versions are available through FixCentral.
Using version 8.2 with CSRF filtering enabled, prevents this exploit. Versions 8.0 and 8.01 are not capable of CSRF filtering. As such, users are encouraged to update to 8.2.
See the version 8.2 release notes for information on enabling CSRF protection.
To confirm the CSRF is enabled in version 8.2, run following command in CLI:
show gui csrf_status
If the result is “Disabled” then execute the following command to enable CSRF filtering:
store gui csrf_status on
WORKAROUND:
None known; apply fixes
REFERENCES:
· On-line Calculator V2
· X-Force Vulnerability Database
· CVE-2012-3312
RELATED INFORMATION:
· IBM Secure Engineering Web Portal
· IBM Product Security Incident Response Blog
Was this topic helpful?
Document Information
Modified date:
25 September 2022
UID
swg21611126