SB2016011002 - Multiple vulnerabilities in IBM Jazz Reporting Service
Published: January 10, 2016 Updated: August 9, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 8 secuirty vulnerabilities.
1) Information disclosure (CVE-ID: CVE-2017-1157)
The vulnerability allows a remote authenticated user to gain access to sensitive information.
IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could allow an authenticated attacker to access report data that should be restricted to authorized users. IBM X-Force ID: 122788.
2) Input validation error (CVE-ID: CVE-2015-7464)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote attackers to cause a denial of service (Report Builder server outage) via a crafted request to a Report Builder instance URL.
3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2015-7469)
The vulnerability allows a remote authenticated user to manipulate data.
Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to bypass intended read-only restrictions by leveraging a JazzGuest role.
4) Information disclosure (CVE-ID: CVE-2015-7470)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors, as demonstrated by login information.
5) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2015-7468)
The vulnerability allows a remote authenticated user to manipulate data.
Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to bypass intended restrictions on administrator tasks via unspecified vectors.
6) Cross-site scripting (CVE-ID: CVE-2015-7467)
Vulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
7) Improper Neutralization of Special Elements in Output Used by a Downstream Component (CVE-ID: CVE-2015-7466)
The vulnerability allows a remote authenticated user to manipulate data.
Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended query restrictions or modify the LDAP directory, via unspecified vectors.
8) Cross-site scripting (CVE-ID: CVE-2015-7465)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- http://www.ibm.com/support/docview.wss?uid=swg22001007
- http://www.securityfocus.com/bid/99353
- https://exchange.xforce.ibmcloud.com/vulnerabilities/122778
- http://www.securityfocus.com/bid/96750
- http://www-01.ibm.com/support/docview.wss?uid=swg21972485
- http://www-01.ibm.com/support/docview.wss?uid=swg21972484