IBM Tivoli Endpoint Manager Server 8.2.x < 8.2.1445.0 / 9.0.x < 9.0.853.0 / 9.1.x < 9.1.1088.0 Unspecified XXE File Disclosure

Severity: Medium | Nessus Plugin ID 79334

Synopsis

The remote host is affected by a file disclosure vulnerability.

Description

According to its self-reported version, the IBM Tivoli Endpoint Manager server installed on the remote host is 8.2.x prior to 8.2.1445.0, 9.0.x prior to 9.0.853.0, or 9.1.x prior to 9.1.1088.0. It is, therefore, affected by an information disclosure vulnerability due to an XML External Entity (XXE) flaw that allows an attacker to read arbitrary files on the host by sending specially crafted XML data.

Note that this vulnerability only affects the Console, Root Server, Web Reports, and Server API components. It does not affect the Agent and Relay components.

Solution

Upgrade to Tivoli Endpoint Manager server 8.2.1445.0 / 9.0.853.0 / 9.1.1088.0 or later.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg21673961

http://www-01.ibm.com/support/docview.wss?uid=swg21673964

http://www-01.ibm.com/support/docview.wss?uid=swg21673967

Plugin Details

Severity: Medium

ID: 79334

File Name: ibm_tem_9_1_1088_0.nasl

Version: 1.4

Type: remote

Family: Web Servers

Published: 11/19/2014

Updated: 7/12/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.7

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:ibm:tivoli_endpoint_manager

Required KB Items: Settings/ParanoidReport, www/BigFixHTTPServer

Exploit Ease: No known exploits are available

Patch Publication Date: 5/20/2014

Vulnerability Publication Date: 6/25/2014

Reference Information

CVE: CVE-2014-3066