Multiple vulnerabilities in IBM Cognos Controller



Published: 2018-05-02
Risk Low
Patch available YES
Number of vulnerabilities 25
CVE ID CVE-2017-10345
CVE-2017-10295
CVE-2017-10281
CVE-2017-10350
CVE-2017-10347
CVE-2017-10349
CVE-2017-10348
CVE-2017-10357
CVE-2017-10355
CVE-2016-9841
CVE-2017-10356
CVE-2017-10388
CVE-2016-9843
CVE-2016-9842
CVE-2016-9840
CVE-2016-10165
CVE-2018-1447
CVE-2016-0705
CVE-2017-3732
CVE-2017-3736
CVE-2018-1428
CVE-2018-1427
CVE-2018-1426
CVE-2016-0702
CVE-2017-1681
CWE ID CWE-264
CWE-125
CWE-20
CWE-200
CWE-521
CWE-415
CWE-310
CWE-327
CWE-190
CWE-338
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
IBM Cognos Controller
Client/Desktop applications / Other client software

Vendor IBM Corporation

Security Advisory

1) Improper access control

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-10345

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists due to a flaw in the Serialization component. A remote attacker can trigger partial denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper access control

Risk: Low

CVSSv3.1: 4.4 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2017-10295

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to access potentially sensitive information.

The weakness exists due to a flaw in the Javadoc component. A remote attacker can partially modify arbitrary files on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Denial of service

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-10281

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists due to a flaw in the Serialization component. A remote attacker can trigger partial denial of service on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper access control

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-10350

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists due to a flaw in the JAX-WS component. A remote attacker can trigger partial denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Denial of service

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-10347

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists due to a flaw in the Serialization component. A remote attacker can trigger partial denial of service on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Improper access control

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-10349

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists due to a flaw in the JAXP component. A remote attacker can trigger partial denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper access control

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-10348

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists due to a flaw in the Libraries component. A remote attacker can trigger partial denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper access control

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-10357

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists due to a flaw in the Serialization component. A remote attacker can trigger partial denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Improper access control

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-10355

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists due to a flaw in the Networking component. A remote attacker can trigger partial denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Denial of service

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-9841

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in zlib due to out-of-bounds pointer arithmetic in inftrees.c. A remote attacker can send a specially crafted document, trick the victim into opening it, and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Improper access control

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2017-10356

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The weakness exists due to a flaw in the Security component. A remote attacker can gain unauthorized access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Privilege escalation

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2017-10388

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain elevated privileges.

The weakness exists due to a flaw in the Libraries component. A remote attacker can escalate his privileges on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Denial of service

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-9843

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in zlib due to big-endian out-of-bounds pointer. A remote attacker can send a specially crafted document, trick the victim into opening it, and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Denial of service

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-9842

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in zlib due to an undefined left shift of negative number. A remote attacker can send a specially crafted document, trick the victim into opening it, and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Denial of service

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-9840

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in zlib due to out-of-bounds pointer arithmetic in inftrees.c. A remote attacker can send a specially crafted document, trick the victim into opening it, and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Information disclosure

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-10165

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a flaw in the 2D (Little CMS 2) component. A remote attacker can read arbitrary files on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Weak passwords requirements

Risk: Low

CVSSv3.1: 4.5 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2018-1447

CWE-ID: CWE-521 - Weak Password Requirements

Exploit availability: No

Description

The vulnerability allows a local unauthenticated attacker to obtain potentially sensitive information on the target system.

The weakness exists due to the GSKit CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of passwords. A weak password may be recovered. A local attacker can gain access to potentially sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Double free error

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-0705

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to double-free error when parsing DSA private keys. A remote attacker can trigger memory corruption and cause the service to crash.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Information disclosure

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-3732

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to propagating error in the x86_64 Montgomery squaring procedure. A remote attacker with access to unpatched vulnerable system that uses a shared private key with Diffie-Hellman (DH) parameters set can gain unauthorized access to sensitive private key information.

According to vendor’s advisory, this vulnerability is unlikely to be exploited in real-world attacks, as it requires significant resources and online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients.

Vulnerability exploitation against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Carry propagation issue

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2017-3736

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to decrypt data.

The vulnerability exists due to carry propagating bug in the x86_64 Montgomery squaring procedure (bn_sqrx8x_internal). A remote attacker can decrypt encrypted data. The vulnerability affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use of a broken or risky cryptographic algorithm

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2018-1428

CWE-ID: CWE-327 - Use of a Broken or Risky Cryptographic Algorithm

Exploit availability: No

Description

The vulnerability allows a local unauthenticated attacker to obtain potentially sensitive information on the target system.

The weakness exists due to IBM GSKit uses weaker than expected cryptographic algorithms. A local attacker can gain access to potentially sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Integer overflow

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2018-1427

CWE-ID: CWE-190 - Integer Overflow or Wraparound

Exploit availability: No

Description

The vulnerability allows a local unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to IBM GSKit contains several environment variables. A local attacker can cause the service to crash.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use of cryptographically weak PRNG

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2018-1426

CWE-ID: CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information and write arbitrary files on the target system.

The weakness exists due to IBM GSKit duplicates the PRNG state across fork() system calls when multiple ICC instances are loaded which can result in duplicate Session IDs and a risk of duplicate key material. A remote attacker can gain access to potentially sensitive information and write arbitrary files.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Information disclosure

Risk: Low

CVSSv3.1: 4.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2016-0702

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local attacker to decrypt data passed via encrypted SSL connection.

The vulnerability exists in the MOD_EXP_CTIME_COPY_FROM_PREBUF() function in crypto/bn/bn_exp.c. The application does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts.

The vulnerability was dubbed "CacheBleed".

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Information disclosure

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2017-1681

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No

Description

The vulnerability allows a local attacker to obtain potentially sensitive information.

The vulnerability exists in the web interface of IBM WebSphere Application Server due to the improper handling of application requests. A local attacker can send a specially crafted request and obtain unauthorized access to read a file.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Cognos Controller: 10.2.0, 10.2.1, 10.3.0, 10.3.1

CPE External links

http://www-01.ibm.com/support/docview.wss?uid=swg22015510&myns=swgimgmt&mynp=OCSS9S6B&mync=E&cm_sp=swgimgmt-_-OCSS9S6B-_-E

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###