IBM BigFix Compliance 1.9.70 Multiple Vulnerabilities

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

An infrastructure management application running on the remote web
server is affected by multiple vulnerabilities.

Description :

According to its self-reported version, the instance of IBM BigFix
Compliance running on the remote web server is 1.9.70. It is,
therefore, affected by multiple vulnerabilities :

- A stored cross-site scripting (XSS) vulnerability exists
in the Analytics component in the Web UI due to improper
validation of user-supplied input. An unauthenticated,
remote attacker can exploit this, via a specially
crafted request, to execute arbitrary script code in a
user's browser session. (CVE-2017-1178)

- An information disclosure vulnerability exists in the
Analytics component due to the use of outdated
encryption algorithms. A man-in-the-middle (MitM)
attacker can exploit this to disclose sensitive
information. (CVE-2017-1179)

- An information disclosure vulnerability exists in the
Analytics component due to a weak default password
policy. An unauthenticated, remote attacker can exploit
this, via a brute-force attack, to disclose user account
credentials. (CVE-2017-1196)

- A security weakness exists in the Analytics component
due to a failure to securely lockout accounts after
multiple failed authentication attempts. An
unauthenticated, remote attacker can exploit this to
perform brute-force attacks. (CVE-2017-1197)

See also :

https://www-01.ibm.com/support/docview.wss?uid=swg22004161
https://www-01.ibm.com/support/docview.wss?uid=swg22004164
https://www-01.ibm.com/support/docview.wss?uid=swg22004168
https://www-01.ibm.com/support/docview.wss?uid=swg22004170

Solution :

Upgrade to IBM BigFix Compliance version 1.9.79 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 100720 ()

Bugtraq ID: 98909
98910
98911

CVE ID: CVE-2017-1178
CVE-2017-1179
CVE-2017-1196
CVE-2017-1197

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now