
Security Bulletin: Multiple vulnerabilities in Apache Solr affect IBM Rational ClearQuest (CVE-2013-6407, CVE-2013-6408)

2018-06-17 05:23:18
www.ibm.com

6.4 Medium (CVSS2)

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

Summary

The Apache Solr that is shipped with IBM Rational ClearQuest contains multiple security vulnerabilities. IBM Rational ClearQuest has addressed the applicable CVEs.

Vulnerability Details

CVEID: CVE-2013-6407
DESCRIPTION: Apache Solr could allow a remote authenticated attacker to obtain sensitive information, caused by an error when parsing XML entities. By persuading a victim to open a specially-crafted XML document containing external entity references, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/89379 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVEID: CVE-2013-6408
DESCRIPTION: Apache Solr could allow a remote authenticated attacker to obtain sensitive information, caused by an error when parsing XML entities. By persuading a victim to open a specially-crafted XML document containing external entity references, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/89380 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:N/A:N)

Affected Products and Versions

IBM Rational ClearQuest, versions 8.0, 8.0.1, 9.0 and 9.0.1 in the following component:

  • ClearQuest Full-Text Search.

ClearQuest version | Status
---|---
9.0.1, 9.0.1.1 | Affected
9.0 through 9.0.0.5 | Affected
8.0.1 through 8.0.1.15 | Affected
8.0 through 8.0.0.21 | Affected

Remediation/Fixes

To fix your existing installation, you must uninstall ClearQuest, then install the appropriate fix pack that contains the fixes. The uninstall procedure will save settings and configurations; the install procedure will offer to restore them.
As an alternative, you can change the configuration of your current system, see the “Workarounds and Mitigations” section below.

Affected Versions | Applying the fix
---|---
9.0.1, 9.0.1.1 | Uninstall your current ClearQuest version, then install Rational ClearQuest Fix Pack 2 (9.0.1.2) for 9.0.1
9.0 through 9.0.0.5 | Uninstall your current ClearQuest version, then install Rational ClearQuest Fix Pack 6 (9.0.0.6) for 9.0
8.0.1 through 8.0.1.15 | Uninstall your current ClearQuest version, then install Rational ClearQuest Fix Pack 16 (8.0.1.16) for 8.0.1
8.0 through 8.0.0.21 | Uninstall your current ClearQuest version, then install Rational ClearQuest Fix Pack 16 (8.0.1.16) for 8.0.1

For 7.0, 7.1 and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product.

Workarounds and Mitigations

The mitigation is to take the following steps:

  1. Locate the file <CQFTS_Home>/<DBSet_UserDB>/Solr/solr/conf/solrconfig.xml

  2. Find the following two XML blocks that read
     <requestHandler name="/update/xslt" startup="lazy" class="solr.XsltUpdateRequestHandler"/>
     and
     <requestHandler name="/analysis/document" class="solr.DocumentAnalysisRequestHandler" startup="lazy"/>

  3. Either remove those two XML blocks or comment them out.
     If you wish to use comments to exclude these blocks, surround each block with XML comment delimiters, like this:
     <!--
     <requestHandler name="/update/xslt" startup="lazy" class="solr.XsltUpdateRequestHandler"/>
     -->

  4. Locate the file <CQFTS_Home>/<DBSet_UserDB>/Solr/typeahead/conf/solrconfig.xml

  5. Find the same two XML blocks in that file:
     <requestHandler name="/update/xslt" startup="lazy" class="solr.XsltUpdateRequestHandler"/>
     and
     <requestHandler name="/analysis/document" class="solr.DocumentAnalysisRequestHandler" startup="lazy"/>

  6. Either remove those two XML blocks or comment them out, exactly as in step 3.

  7. Using the cqtsadmin.pl script, run the commands --stop_fts_was_profile and --start_fts_was_profile as documented at <https://www.ibm.com/support/knowledgecenter/en/SSSH5A_9.0.1/com.ibm.rational.clearquest.cli.doc/topics/r_cqtsadmin_pl.htm> to restart Solr so the changes to the solrconfig.xml files take effect.
     Attention: The above steps must be done for all instances of ClearQuest Full-Text Search that you have deployed in your environment (for each Full-Text Search enabled User Database).
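As an added example (not IBM's code), the following Python audits a solrconfig.xml for the two request handlers named in the steps above and produces the commented-out form; the sample file is constructed, and the script does not restart Solr, so the cqtsadmin.pl step still applies afterwards.

```python
import re
import xml.etree.ElementTree as ET

# Request handler classes the bulletin says to remove or comment out from
# each ClearQuest Full-Text Search solrconfig.xml.
VULNERABLE_HANDLER_CLASSES = {
    "solr.XsltUpdateRequestHandler",
    "solr.DocumentAnalysisRequestHandler",
}

# Constructed sample solrconfig.xml (not a real ClearQuest file): one harmless
# handler plus the two handlers named in the bulletin.
SAMPLE_SOLRCONFIG = """<config>
  <requestHandler name="/select" class="solr.SearchHandler"/>
  <requestHandler name="/update/xslt" startup="lazy" class="solr.XsltUpdateRequestHandler"/>
  <requestHandler name="/analysis/document" class="solr.DocumentAnalysisRequestHandler" startup="lazy"/>
</config>
"""

def active_vulnerable_handlers(solrconfig_xml: str) -> list:
    """Names of requestHandler elements still loading a vulnerable class.
    ElementTree drops XML comments, so commented-out handlers count as inactive."""
    root = ET.fromstring(solrconfig_xml)
    return sorted(rh.get("name", "") for rh in root.iter("requestHandler")
                  if rh.get("class") in VULNERABLE_HANDLER_CLASSES)

# Self-closing <requestHandler .../> tag whose class attribute is one of the
# vulnerable classes, in any attribute order.
_HANDLER_RE = re.compile(
    r'<requestHandler\b[^>]*\bclass="(?:%s)"[^>]*/>'
    % "|".join(re.escape(c) for c in sorted(VULNERABLE_HANDLER_CLASSES)))

def comment_out_vulnerable_handlers(solrconfig_xml: str) -> str:
    """Wrap each active vulnerable handler in an XML comment, leaving the rest of
    the file untouched. A handler already inside a comment is skipped, since
    nested comments would make the file unparseable."""
    def wrap(m):
        before = solrconfig_xml[:m.start()]
        if before.rfind("<!--") > before.rfind("-->"):
            return m.group(0)  # already commented out
        return "<!-- " + m.group(0) + " -->"
    return _HANDLER_RE.sub(wrap, solrconfig_xml)

if __name__ == "__main__":
    print("active before:", active_vulnerable_handlers(SAMPLE_SOLRCONFIG))
    fixed = comment_out_vulnerable_handlers(SAMPLE_SOLRCONFIG)
    print("active after:", active_vulnerable_handlers(fixed))
```

Running active_vulnerable_handlers over each deployed solrconfig.xml after the change is a quick way to confirm the workaround is in place on every Full-Text Search instance.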

Affected Versions | Applying the fix
---|---
8.0.0.x, 8.0.1.x, 9.0.0.x, 9.0.1.x | Apply the above fix directly to your ClearQuest.

For 7.0, 7.1 and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product.
