IBM BigFix Platform 9.2.x < 9.2.15 / 9.5.x < 9.5.10 Multiple Vulnerabilities

Medium Nessus Plugin ID 119843

Synopsis

An infrastructure management application running on the remote host is affected by multiple vulnerabilities.

Description

According to its self-reported version, the IBM BigFix Platform application running on the remote host is 9.2.x prior to 9.2.15, or 9.5.x prior to 9.5.10. It is, therefore, affected by multiple vulnerabilities :

- IBM BigFix Platform is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information.
(CVE-2018-1474)

- IBM BigFix Platform does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker.
(CVE-2018-1485)

- OpenSSL is vulnerable to a denial of service. By sending specially crafted ASN.1 data with a recursive definition, a remote attacker could exploit this vulnerability to consume excessive stack memory. (CVE-2018-0739)

In addition, IBM BigFix Platform is also affected by several additional vulnerabilities including multiple information disclosure vulnerabilities, a clickjacking vulnerability, multiple sensitive cookie weakened security vulnerabilities, and a session hijacking vulnerability.

IBM BigFix Platform was formerly known as Tivoli Endpoint Manager, IBM Endpoint Manager, and IBM BigFix Endpoint Manager.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to IBM BigFix Platform version 9.2.15 / 9.5.10 or later.

See Also

https://www-01.ibm.com/support/docview.wss?uid=ibm10733605

Plugin Details

Severity: Medium

ID: 119843

File Name: ibm_tem_9_5_10.nasl

Version: 1.3

Type: remote

Family: Web Servers

Published: 2018/12/21

Updated: 2019/05/02

Dependencies: 66269

Risk Information

Risk Factor: Medium

CVSS Score Source: CVE-2018-1474

CVSS v2.0

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS v3.0

Base Score: 4.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

Vulnerability Information

CPE: cpe:/a:ibm:tivoli_endpoint_manager, cpe:/a:ibm:bigfix_platform

Required KB Items: www/BigFixHTTPServer

Patch Publication Date: 2018/12/10

Vulnerability Publication Date: 2018/12/10

Reference Information

CVE: CVE-2018-0739, CVE-2018-1474, CVE-2018-1476, CVE-2018-1478, CVE-2018-1480, CVE-2018-1481, CVE-2018-1484, CVE-2018-1485