Synopsis

An infrastructure management application running on the remote host is affected by multiple vulnerabilities.

Description

According to its self-reported version, the IBM BigFix Platform application running on the remote host is 9.2.x prior to 9.2.15, or 9.5.x prior to 9.5.10. It is, therefore, affected by multiple vulnerabilities:
- IBM BigFix Platform is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information.
- IBM BigFix Platform does not renew a session variable after a successful authentication, which could lead to a session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker.
- OpenSSL is vulnerable to a denial of service. By sending specially crafted ASN.1 data with a recursive definition, a remote attacker could exploit this vulnerability to consume excessive stack memory. (CVE-2018-0739)
In addition, IBM BigFix Platform is affected by several other vulnerabilities, including multiple information disclosure vulnerabilities, a clickjacking vulnerability, multiple weakened sensitive cookie security vulnerabilities, and a session hijacking vulnerability.
IBM BigFix Platform was formerly known as Tivoli Endpoint Manager, IBM Endpoint Manager, and IBM BigFix Endpoint Manager.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution

Upgrade to IBM BigFix Platform version 9.2.15 / 9.5.10 or later.
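The plugin's finding rests on a version comparison against the fixed releases stated above. The following is an added example of that check, written for this page and not Nessus's own plugin code: it parses a self-reported dotted version string (assumed to be numeric components such as "9.5.9.1196") and classifies it against the 9.2.15 / 9.5.10 thresholds, treating branches the advisory does not mention (for example 9.1.x or 10.x) as out of scope rather than silently marking them fixed.

```python
# Added example: version-based affected check for the ranges in this advisory.
# Not part of the Nessus plugin; the version strings below are constructed samples.

# Branch -> first fixed version, taken from the advisory's Solution section.
FIXED_BY_BRANCH = {
    (9, 2): (9, 2, 15),
    (9, 5): (9, 5, 10),
}


def parse_version(text):
    """Turn a dotted version such as '9.5.9.1196' into a tuple of ints.

    Assumes every component is numeric; anything else is rejected rather
    than guessed, since a scanner should not classify unparseable input.
    """
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


def assess(version_text):
    """Classify a self-reported version as 'affected', 'fixed' or 'out_of_scope'.

    Tuple comparison handles extra build components correctly:
    (9, 5, 9, 1196) < (9, 5, 10) and (9, 5, 10, 79) >= (9, 5, 10).
    """
    version = parse_version(version_text)
    if len(version) < 2:
        return "out_of_scope"
    fixed = FIXED_BY_BRANCH.get(version[:2])
    if fixed is None:
        # 9.1.x, 10.x etc. are not covered by this advisory; do not call them fixed.
        return "out_of_scope"
    return "affected" if version < fixed else "fixed"


def is_affected(version_text):
    """Convenience wrapper: True only for versions inside an affected range."""
    return assess(version_text) == "affected"


def report(hosts):
    """Summarise a mapping of host -> self-reported version into a list of findings.

    Unparseable versions are recorded as 'unknown' so they surface for manual review.
    """
    findings = []
    for host, version_text in hosts.items():
        try:
            status = assess(version_text)
        except ValueError:
            status = "unknown"
        findings.append((host, version_text, status))
    return findings


if __name__ == "__main__":
    # Constructed sample inventory, not real scan data.
    sample = {
        "bigfix-root-01": "9.5.9.1196",
        "bigfix-root-02": "9.5.10.79",
        "bigfix-relay-03": "9.2.14",
        "bigfix-lab-04": "9.1.1328",
        "bigfix-lab-05": "n/a",
    }
    for host, version_text, status in report(sample):
        print(f"{host:18} {version_text:12} {status}")
```

As the advisory notes, a check like this only reflects what the application reports about itself; it does not confirm exploitability, so a "fixed" result still deserves verification against the actual installed build.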