IBM Support

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities

Security Bulletin


Summary

IBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to multiple security vulnerabilities. There are multiple vulnerabilities fixes to open source libraries distributed with IGI, other less secure algorithms for crypto, xss attacks and click jacking attacks.

Vulnerability Details

CVEID:  CVE-2018-0124
DESCRIPTION: Cisco Unified Communications Domain Manager could allow a remote attacker to execute arbitrary code on the system, caused by insecure key generation during application configuration. By sending arbitrary requests using the insecure key, an attacker could exploit this vulnerability to bypass security protections, gain elevated privileges and execute arbitrary code on the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/139282  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2018-0125
DESCRIPTION: Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow a remote attacker to execute arbitrary code on the system, caused by an incomplete input validation on user-controlled input in an HTTP request in the Web interface. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code with root privileges or cause the device to reload.
CVSS Base Score: 9.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/138770  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2015-5237
DESCRIPTION: Google Protocol Buffers could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in MessageLite::SerializeToString. A remote attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system or cause a denial of service.
CVSS Base Score: 6.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/105989  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)

CVEID:  CVE-2013-4517
DESCRIPTION: Apache Santuario XML Security for Java is vulnerable to a denial of service, caused by an out of memory error when allowing Document Type Definitions (DTDs). A remote attacker could exploit this vulnerability via XML Signature transforms to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/89891  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID:  CVE-2014-3596
DESCRIPTION: Apache Axis and Axis2 could allow a remote attacker to conduct spoofing attacks, caused by and incomplete fix related to the failure to verify that the server hostname matches a domain name in the subject''s Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/95377  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:  CVE-2012-5784
DESCRIPTION: Apache Axis 1.4, as used in multiple products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject''s Common Name (CN) field of the X.509 certificate. An attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server and launch further attacks against a vulnerable target.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/79829  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:  CVE-2013-2186
DESCRIPTION: Apache commons-fileupload could allow a remote attacker to overwrite arbitrary files on the system, caused by a NULL byte in the implementation of the DiskFileItem class. By sending a serialized instance of the DiskFileItem class, an attacker could exploit this vulnerability to write or overwrite arbitrary files on the system.
CVSS Base Score: 6.4
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/88133  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:P)

CVEID:  CVE-2016-3092
DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive.
CVSS Base Score: 5.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/114336  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:  CVE-2016-1000031
DESCRIPTION: Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the current process.
CVSS Base Score: 9.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/117957  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2014-0050
DESCRIPTION: Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/90987  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID:  CVE-2013-4517
DESCRIPTION: Apache Santuario XML Security for Java is vulnerable to a denial of service, caused by an out of memory error when allowing Document Type Definitions (DTDs). A remote attacker could exploit this vulnerability via XML Signature transforms to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/89891  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID:  CVE-2013-2172
DESCRIPTION: Apache Santuario XML Security for Java could allow a remote attacker to conduct spoofing attacks, caused by the failure to restrict canonicalization algorithms to be applied to the CanonicalizationMethod parameter. An attacker could exploit this vulnerability to spoof the XML signature.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/85323  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:  CVE-2016-3092
DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive.
CVSS Base Score: 5.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/114336  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:  CVE-2016-1000031
DESCRIPTION: Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the current process.
CVSS Base Score: 9.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/117957  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2014-0050
DESCRIPTION: Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/90987  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID:  CVE-2013-0248
DESCRIPTION: Apache Commons FileUpload could allow a local attacker to launch a symlink attack. Temporary files are created insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges.
CVSS Base Score: 3.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/82618  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P)

CVEID:  CVE-2016-3092
DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive.
CVSS Base Score: 5.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/114336  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:  CVE-2016-1000031
DESCRIPTION: Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the current process.
CVSS Base Score: 9.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/117957  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2014-0050
DESCRIPTION: Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/90987  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID:  CVE-2013-0248
DESCRIPTION: Apache Commons FileUpload could allow a local attacker to launch a symlink attack. Temporary files are created insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges.
CVSS Base Score: 3.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/82618  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P)

CVEID:  CVE-2016-3092
DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive.
CVSS Base Score: 5.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/114336  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:  CVE-2016-1000031
DESCRIPTION: Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the current process.
CVSS Base Score: 9.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/117957  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2014-0050
DESCRIPTION: Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/90987  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID:  CVE-2013-0248
DESCRIPTION: Apache Commons FileUpload could allow a local attacker to launch a symlink attack. Temporary files are created insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges.
CVSS Base Score: 3.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/82618  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P)

CVEID:  CVE-2014-0054
DESCRIPTION: Pivotal Spring Framework could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection (XXE) error in Jaxb2RootElementHttpMessageConverter when processing XML data. By sending specially-crafted XML data, an attacker could exploit this vulnerability to read arbitrary files and obtain sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/91841  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID:  CVE-2013-7315
DESCRIPTION: Pivotal Spring Framework could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection (XXE) error when processing XML data. By sending a specially-crafted request, an attacker could exploit this vulnerability to read arbitrary files and obtain sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/95219  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID:  CVE-2013-6429
DESCRIPTION: Spring Framework could allow a remote attacker to obtain sensitive information, caused by an error when parsing XML entities. By persuading a victim to open a specially-crafted XML document containing external entity references, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/90451  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVEID:  CVE-2013-4152
DESCRIPTION: Pivotal Spring Framework could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection (XXE) error when processing XML data. By sending a specially-crafted request, an attacker could exploit this vulnerability to read arbitrary files and obtain sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/86589  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID:  CVE-2011-2730
DESCRIPTION: Spring Framework could allow a remote attacker to obtain sensitive information, caused by an error when handling the Expression Language. An attacker could exploit this vulnerability to obtain classpaths and other sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/69688  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID:  CVE-2010-1622
DESCRIPTION: Spring Framework could allow a remote attacker to execute arbitrary code on the system, caused by an error in the mechanism to use client provided data to update the properties of an object. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/59573  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVEID:  CVE-2018-1272
DESCRIPTION: Pivotal Spring Framework could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper input validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/141286  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L)

CVEID:  CVE-2018-1271
DESCRIPTION: Pivotal Spring Framework could allow a remote attacker to traverse directories on the system, caused by improper validation of user request. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to configure Spring MVC to serve static resources.
CVSS Base Score: 5.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/141285  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:  CVE-2018-1270
DESCRIPTION: Pivotal Spring Framework could allow a remote attacker to execute arbitrary code on the system, caused by the exposure of STOMP over WebSocket endpoints with a STOMP broker through the spring-messaging module. By sending a specially-crafted message, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/141284  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2016-9878
DESCRIPTION: Pivotal Spring Framework could allow a remote attacker to traverse directories on the system, caused by the failure to sanitize paths provided to ResourceServlet. An attacker could send a specially-crafted URL request containing directory traversal sequences to view arbitrary files on the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/120241  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:  CVE-2014-1904
DESCRIPTION: Spring MVC is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the FormTag.java script. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/91890  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:  CVE-2014-3596
DESCRIPTION: Apache Axis and Axis2 could allow a remote attacker to conduct spoofing attacks, caused by and incomplete fix related to the failure to verify that the server hostname matches a domain name in the subject''s Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/95377  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:  CVE-2012-5784
DESCRIPTION: Apache Axis 1.4, as used in multiple products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject''s Common Name (CN) field of the X.509 certificate. An attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server and launch further attacks against a vulnerable target.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/79829  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:  CVE-2013-3060
DESCRIPTION: Apache ActiveMQ is vulnerable to a denial of service, caused by the failure to require authentication, by the Web console. By sending specially-crafted HTTP requests, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service.
CVSS Base Score: 6.4
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/83719  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:P)

CVEID:  CVE-2013-1880
DESCRIPTION: Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the demo/portfolioPublish script. A remote attacker could exploit this vulnerability using the refresh parameter in a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/103075  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:  CVE-2013-1879
DESCRIPTION: Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input when handling cron jobs. A remote attacker could exploit this vulnerability using specific parameters to inject malicious script into a Web page which would be executed in a victim''s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/85586  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:  CVE-2012-6551
DESCRIPTION: Apache ActiveMQ is vulnerable to a denial of service, caused by the enablement of a sample web application by the default configuration. By sending specially-crafted HTTP requests, an attacker could exploit this vulnerability to consume broker resources and cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/83718  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID:  CVE-2012-6092
DESCRIPTION: Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by multiple vectors. A remote attacker could exploit this vulnerability using various parameters in a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/83720  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:  CVE-2012-5784
DESCRIPTION: Apache Axis 1.4, as used in multiple products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject''s Common Name (CN) field of the X.509 certificate. An attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server and launch further attacks against a vulnerable target.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/79829  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:  CVE-2011-4905
DESCRIPTION: Apache ActiveMQ is vulnerable to a denial of service, caused by an error in the failover mechanism when handling an openwire connection request. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the broker service to crash.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/71620  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID:  CVE-2015-1830
DESCRIPTION: Apache ActiveMQ could allow a remote attacker to traverse directories on the system, caused by an error in the fileserver upload/download functionality. By placing a jsp file in the admin console, an attacker could exploit this vulnerability to execute arbitrary shell commands on the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/105644  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2014-8110
DESCRIPTION: Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/100724  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:  CVE-2014-3612
DESCRIPTION: Apache ActiveMQ could allow a remote authenticated attacker to bypass security restrictions, caused by an error in the LDAPLoginModule implementation. By sending an empty password, an attacker could exploit this vulnerability to bypass the authentication mechanism of an application using LDAPLoginModule and assume the role of another user.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/100723  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID:  CVE-2014-3600
DESCRIPTION: Apache ActiveMQ could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection (XXE) error when processing XML data. By sending specially-crafted XML data to specify an XPath based selector, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/100722  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID:  CVE-2014-3576
DESCRIPTION: Apache ActiveMQ is vulnerable to a denial of service, caused by an error in the processControlCommand function in broker/TransportConnection.java. A remote attacker could use the shutdown command to shutdown the service.
CVSS Base Score: 7.5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/107290  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:  CVE-2015-6524
DESCRIPTION: Apache ActiveMQ is vulnerable to a brute force attack, caused by an error in the LDAPLoginModule implementation. An attacker could exploit this vulnerability using the wildcard in usernames to obtain user credentials.
CVSS Base Score: 7.5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/106187  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVEID:  CVE-2015-5254
DESCRIPTION: Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the classes that can be serialized in the broker. An attacker could exploit this vulnerability using a specially crafted serialized Java Message Service (JMS) ObjectMessage object to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/109632  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID:  CVE-2015-5184
DESCRIPTION: Red Hat JBoss A-MQ could allow a remote attacker to obtain sensitive information, caused by the Access-Control-Allow-Origin header permits unrestricted sharing in Hawtio console. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 7.5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/132635  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:  CVE-2015-5183
DESCRIPTION: Red Hat JBoss A-MQ could allow a remote attacker to obtain sensitive information, caused by no HTTPOnly or Secure attributes on cookies configured in Hawtio console. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain an authenticated user''s SessionID.
CVSS Base Score: 7.5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/132634  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:  CVE-2015-5182
DESCRIPTION: Red Hat JBoss A-MQ is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input by the jolokia API. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
CVSS Base Score: 8.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/132633  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:  CVE-2015-6524
DESCRIPTION: Apache ActiveMQ is vulnerable to a brute force attack, caused by an error in the LDAPLoginModule implementation. An attacker could exploit this vulnerability using the wildcard in usernames to obtain user credentials.
CVSS Base Score: 7.5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/106187  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVEID:  CVE-2015-5254
DESCRIPTION: Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the classes that can be serialized in the broker. An attacker could exploit this vulnerability using a specially crafted serialized Java Message Service (JMS) ObjectMessage object to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/109632  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID:  CVE-2015-5184
DESCRIPTION: Red Hat JBoss A-MQ could allow a remote attacker to obtain sensitive information, caused by the Access-Control-Allow-Origin header permits unrestricted sharing in Hawtio console. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 7.5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/132635  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:  CVE-2015-5183
DESCRIPTION: Red Hat JBoss A-MQ could allow a remote attacker to obtain sensitive information, caused by no HTTPOnly or Secure attributes on cookies configured in Hawtio console. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain an authenticated user''s SessionID.
CVSS Base Score: 7.5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/132634  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:  CVE-2015-5182
DESCRIPTION: Red Hat JBoss A-MQ is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input by the jolokia API. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
CVSS Base Score: 8.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/132633  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:  CVE-2016-0782
DESCRIPTION: Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web based administration console. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials.
CVSS Base Score: 6.1
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/111420  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID:  CVE-2016-0734
DESCRIPTION: Apache ActiveMQ could allow a remote attacker to hijack the clicking action of the victim, caused by the failure to set the X-Frame-Options header in HTTP responses by the Administrative Web console. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim''s click actions.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/111421  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)

CVEID:  CVE-2016-3088
DESCRIPTION: Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by an error in the Fileserver web application. By sending a specially crafted HTTP PUT request and an HTTP MOVE request, an attacker could exploit this vulnerability to create an arbitrary file and execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/113414  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID:  CVE-2016-6810
DESCRIPTION: Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability in a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials.
CVSS Base Score: 6.1
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/119699  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID:  CVE-2016-0782
DESCRIPTION: Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web based administration console. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials.
CVSS Base Score: 6.1
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/111420  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID:  CVE-2016-0734
DESCRIPTION: Apache ActiveMQ could allow a remote attacker to hijack the clicking action of the victim, caused by the failure to set the X-Frame-Options header in HTTP responses by the Administrative Web console. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim''s click actions.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/111421  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)

CVEID:  CVE-2016-3088
DESCRIPTION: Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by an error in the Fileserver web application. By sending a specially crafted HTTP PUT request and an HTTP MOVE request, an attacker could exploit this vulnerability to create an arbitrary file and execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/113414  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID:  CVE-2016-6810
DESCRIPTION: Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability in a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials.
CVSS Base Score: 6.1
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/119699  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID:  CVE-2016-9739
DESCRIPTION: IBM Security Identity Manager Virtual Appliance stores user credentials in plain in clear text which can be read by a local user.
CVSS Base Score: 6.2
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/119789  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:  CVE-2016-0357
DESCRIPTION: IBM Security Identity Manager Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim''s click actions and possibly launch further attacks against the victim.
CVSS Base Score: 5.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/111896  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:  CVE-2016-0340
DESCRIPTION: IBM Security Identity Manager Virtual Appliance could allow a local user to take over a previously logged in user due to session expiration not being enforced.
CVSS Base Score: 4.9
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/111780  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID:  CVE-2016-0339
DESCRIPTION: IBM Security Identity Manager Virtual Appliance could allow an attacker with traffic records between a victim and the ISIM to spoof another user due to invalid session identifiers after the victim has logged out.
CVSS Base Score: 5.6
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/111749  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID:  CVE-2016-0338
DESCRIPTION: IBM Security Identity Manager Virtual Appliance could allow a local user to obtain sensitive information including passwords in cleartext by examining configuration files and/or running processes.
CVSS Base Score: 6.2
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/111748  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:  CVE-2016-0330
DESCRIPTION: IBM Security Identity Manager Virtual Appliance uses a weak password algorithm which allows users to create insecure passwords. An attacker could exploit this vulnerability to gain access to the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/111693  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:  CVE-2016-3092
DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive.
CVSS Base Score: 5.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/114336  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:  CVE-2016-1000031
DESCRIPTION: Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the current process.
CVSS Base Score: 9.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/117957  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2014-0050
DESCRIPTION: Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop.
CVSS Base Score: 5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/90987  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID:  CVE-2013-0248
DESCRIPTION: Apache Commons FileUpload could allow a local attacker to launch a symlink attack. Temporary files are created insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges.
CVSS Base Score: 3.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/82618  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P)

CVEID:  CVE-2018-7489
DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue method of the ObjectMapper. By sending specially crafted JSON input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/139549  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID:  CVE-2018-5968
DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by deserialization flaws. By using two different gadgets that bypass a blacklist, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/138088  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID:  CVE-2017-7525
DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw within the Jackson JSON library in the readValue method of the ObjectMapper. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/134639  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2017-17485
DESCRIPTION: Jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the default-typing feature. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/137340  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2017-15095
DESCRIPTION: Jackson Library could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue() method of the ObjectMapper. By sending specially crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 9.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/135123  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2014-0114
DESCRIPTION: Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. An attacker could exploit this vulnerability using the class parameter of an ActionForm object to manipulate the ClassLoader and execute arbitrary code on the system.
CVSS Base Score: 7.5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/92889  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVEID:  CVE-2018-1000199
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a ptrace() error handling flaw. By invoking the modify_user_hw_breakpoint() function, a local attacker could exploit this vulnerability to cause the kernel to crash.
CVSS Base Score: 6.2
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/142654  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:  CVE-2018-8897
DESCRIPTION: Multiple operating systems could allow a local authenticated attacker to gain elevated privileges on the system, caused by developer interpretation of hardware debug exception documentation for the MOV to SS and POP SS instructions. An attacker could exploit this vulnerability using operating system APIs to obtain sensitive memory information or control low-level operating system functions and other unexpected behavior.
CVSS Base Score: 7
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/142242  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2018-1091
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a missing processor feature check in the flush_tmregs_to_thread function. A local attacker could exploit this vulnerability to cause the guest kernel to crash.
CVSS Base Score: 6.2
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/140892  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:  CVE-2018-1087
DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by the improper handling of exceptions delivered after a stack switch operation using the MOV to SS and POP SS instructions by the KVM hypervisor. An attacker could exploit this vulnerability to gain elevated privileges or cause the guest to crash.
CVSS Base Score: 8.4
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/142976  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2018-1068
DESCRIPTION: Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by an error in the implementation of 32 bit syscall interface. An attacker could exploit this vulnerability to gain root privileges on the system.
CVSS Base Score: 8.1
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/140403  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)

CVEID:  CVE-2017-16939
DESCRIPTION: Linux Kernel could allow a remote attacker to gain elevated privileges on the system, caused by an use-after-free in the Netlink socket subsystem XFRM. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain privileges.
CVSS Base Score: 9.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/135317  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:  CVE-2018-10915
DESCRIPTION: PostgreSQL could allow a remote attacker to bypass security restrictions, caused by an issue with improperly resting internal state in between connections in the libpq library. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass client-side connection security features.
CVSS Base Score: 7.5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/148225  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID:  CVE-2018-5740
DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by a defect in the deny-answer-aliases feature. By triggering this defect, a remote attacker could exploit this vulnerability to cause an INSIST assertion failure in name.c.
CVSS Base Score: 7.5
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/148131  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:  CVE-2018-3693
DESCRIPTION: Intel Haswell Xeon, AMD PRO and ARM Cortex A57 CPUs could allow a local authenticated attacker to obtain sensitive information, caused by a bounds check bypass in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to cross the syscall boundary and read data from the CPU virtual memory.
CVSS Base Score: 7.1
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/146191  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)

CVEID:  CVE-2018-3646
DESCRIPTION: Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks and via a terminal page fault, an attacker with guest OS privilege could exploit this vulnerability to leak information residing in the L1 data cache and read data belonging to different security contexts.
CVSS Base Score: 7.1
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/148319  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)

CVEID:  CVE-2018-3620
DESCRIPTION: Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks and via a terminal page fault, an attacker could exploit this vulnerability to leak information residing in the L1 data cache and read data belonging to different security contexts. Note: This vulnerability is also known as the "L1 Terminal Fault (L1TF)" or "Foreshadow" attack.
CVSS Base Score: 7.1
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/148318  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)

CVEID:  CVE-2018-1944
DESCRIPTION: IBM Security Identity Governance Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
CVSS Base Score: 5.1
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/153386  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:  CVE-2018-1945
DESCRIPTION: IBM Security Identity Governance Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
CVSS Base Score: 6.1
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/153387  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID:  CVE-2017-7957
DESCRIPTION: XStream is vulnerable to a denial of service, caused by the improper handling of attempts to create an instance of the primitive type ''void'' during unmarshalling. A remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 5.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/125800  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:  CVE-2016-3674
DESCRIPTION: XStream could allow a remote attacker to obtain sensitive information, caused by an error when processing XML external entities. By sending specially-crafted XML data, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/111806  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:  CVE-2013-7285
DESCRIPTION: XStream could allow a remote attacker to execute arbitrary code on the system, caused by an error in the XMLGenerator API. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 6.8
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/90229  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVEID:  CVE-2018-1946
DESCRIPTION: IBM Security Identity Governance Virtual Appliance supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties.
CVSS Base Score: 5.9
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/153388  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:  CVE-2018-1947
DESCRIPTION: IBM Security Identity Governance Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base Score: 6.1
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/153427  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID:  CVE-2018-1948
DESCRIPTION: IBM Security Identity Governance Virtual Appliance does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/153428  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)

CVEID:  CVE-2018-1949
DESCRIPTION: IBM Security Identity Governance Virtual Appliance discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/153429  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

CVEID:  CVE-2018-1950
DESCRIPTION: IBM Security Identity Governance Virtual Appliance generates an error message that includes sensitive information about its environment, users, or associated data which could be used in further attacks against the system.
CVSS Base Score: 4.3
CVSS Temporal Score: See  https://exchange.xforce.ibmcloud.com/vulnerabilities/153430  for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)


Affected Products and Versions

IBM Security Identity Governance and Intelligence (IGI) 5.2, 5.2.1, 5.2.2, 5.2.2.1, 5.2.3, 5.2.3.1, 5.2.3.2, 5.2.4, 5.2.4.1

Remediation/Fixes


Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

Reference

Complete CVSS v3 Guide
On-line Calculator v3

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Acknowledgement

IBM X-Force Ethical Hacking Team: Ron Craig, Warren Moynihan, Jonathan Fitz-Gerald, John Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Product Alias/Synonym

IGI
IGA

Document information

More support for: IBM Security Identity Governance and Intelligence

Software version: 5.2, 5.2.1, 5.2.2, 5.2.2.1, 5.2.3, 5.2.3.1, 5.2.3.2,, 5.2.4, 5.2.4.1

Operating system(s): Appliance

Reference #: 0872142

Modified date: 18 February 2019