Multiple vulnerabilities in IBM InfoSphere Information Server
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2017-1467 CVE-2017-1468 CVE-2017-1383 |
| CWE-ID | CWE-285 CWE-426 CWE-611 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
IBM InfoSphere Information Server for Cloud Server applications / Other server solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Privilege escalation
EUVDB-ID: #VU8420
Risk: Low
CVSSv3.1: 7.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:W/RC:C]
CVE-ID: CVE-2017-1467
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain elevated privileges on the target system.
The weakness exists due to weak authorization issue. A remote attacker can use man-in-the-middle techniques, replay certain DataStage commands without privileged access and gain
elevated privileges.
Successful exploitation of the vulnerability results in privilege escalation or unauthorized access to the system.
Workarounds are available on vendor's website.
IBM InfoSphere Information Server for Cloud: 9.1 - 11.5
External linkshttp://www-01.ibm.com/support/docview.wss?uid=swg22006063
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Untrusted search path
EUVDB-ID: #VU8421
Risk: Low
CVSSv3.1: 6.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:W/RC:C]
CVE-ID: CVE-2017-1468
CWE-ID:
CWE-426 - Untrusted Search Path
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to untrusted search path element. A local attacker can place arbitrary .dll files in installation directories and execute arbitrary code with system privileges.
Successful exploitation of the vulnerability may result in system compromise.
Workarounds are available on vendor's website.
IBM InfoSphere Information Server for Cloud: 9.1 - 11.5
External linkshttp://www-01.ibm.com/support/docview.wss?uid=swg22006067
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) XXE attack
EUVDB-ID: #VU8422
Risk: Low
CVSSv3.1: 7.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L/E:U/RL:W/RC:C]
CVE-ID: CVE-2017-1383
CWE-ID:
CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to conduct XXE attack.
The weakness exists in the encryption library due to improper handling of XML External Entity (XXE) entries when parsing an XML file. A remote attacker can send manipulated XML data and gain access to arbitrary data or consume memory resources.
Successful exploitation of the vulnerability results in information disclosure.
Workarounds are available on vendor's website.
IBM InfoSphere Information Server for Cloud: 9.1 - 11.5
External linkshttp://www-01.ibm.com/support/docview.wss?uid=swg22005803
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
