SB2019051125 - Multiple vulnerabilities in IBM Tivoli System Automation Application Manager

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019051125

SB2019051125 - Multiple vulnerabilities in IBM Tivoli System Automation Application Manager

Published: May 11, 2019 Updated: July 12, 2023

Security Bulletin ID SB2019051125
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 33% Low 67%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 vulnerabilities.


1) Improper access control (CVE-ID: CVE-2019-2816)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).


2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2019-11771)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to AIX builds of Eclipse OpenJ9 contain unused RPATHs. A local user can trigger the vulnerability to bypass security restrictions and escalate privileges on the system.


3) Insecure DLL loading (CVE-ID: CVE-2019-4473)

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to the usage of insecure absolute RPATHs. A local user can place a specially crafted .dll file on a remote SMB fileshare, trick the victim into opening a file, associated with the vulnerable application, and execute arbitrary code on victim's system.


Remediation

Install update from vendor's website.

References