
Security Bulletin: IBM Tivoli Storage Manager ASNODENAME Vulnerability (CVE-2015-7408)

Published: 2018-06-17 15:17:00
Source: www.ibm.com

CVSS3: 3.7 Low (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Attack Vector: NETWORK; Attack Complexity: HIGH; Privileges Required: NONE; User Interaction: NONE; Scope: UNCHANGED; Confidentiality Impact: LOW; Integrity Impact: NONE; Availability Impact: NONE

CVSS2: 2.6 Low (AV:N/AC:H/Au:N/C:P/I:N/A:N)
Access Vector: NETWORK; Access Complexity: HIGH; Authentication: NONE; Confidentiality Impact: PARTIAL; Integrity Impact: NONE; Availability Impact: NONE

EPSS: 0.002 Low (Percentile: 52.0%)

Summary

Unauthorized Tivoli Storage Manager client sessions using the ASNODENAME option may run as authorized sessions allowing the user to generate or retrieve backup data for which they are not authorized.

Vulnerability Details

CVEID: CVE-2015-7408
DESCRIPTION: Tivoli Storage Manager clients can use the ASNODENAME option, which allows the client session to run as a proxy for another client to which they have been granted proxy authority. The Tivoli Storage Manager server fails to adequately check the authorization of client sessions using the ASNODENAME option and runs the session as an authorized session. As a result, unauthorized users with proxy authority can generate and retrieve backup data that they would otherwise not be allowed to write or access.
CVSS Base Score: 2.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107434 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

This vulnerability affects the following IBM Tivoli Storage Manager (IBM Spectrum Protect) server levels:

  • 7.1.0.0 through 7.1.3.x
  • 6.3.0.0 through 6.3.5.0
  • 6.2 all levels
  • 6.1 all levels
  • 5.5 all levels

Remediation/Fixes

| Tivoli Storage Manager Server Release | Fixing VRM Level | APAR | Platform | Link to Fix / Fix Availability Target |
|---|---|---|---|---|
| 7.1 | 7.1.4 | IT13609 | AIX, HP-UX, Linux, Solaris | http://www.ibm.com/support/docview.wss?uid=swg24041416 Note that this APAR will not be listed in the startup banner. |
| 6.3 | 6.3.5.1 | IT13609 | AIX, HP-UX, Linux, Solaris | Please contact IBM support to obtain cumulative e-fix level 6.3.5.110 or later. Note that this APAR will not be listed in the startup banner. |
| 6.2, 6.1, and 5.5 | | | | IBM recommends upgrading the TSM server to a fixed level (7.1.4 or 6.3.5.1) or using the REVOKE PROXY command to remove all unauthorized users that have been granted proxy access (see Workarounds and Mitigations below). |

Workarounds and Mitigations

To eliminate exposure to this vulnerability, only grant proxy access to authorized users. The QUERY PROXY command can be used to determine the users that have been granted proxy access. Use the REVOKE PROXY command to remove all unauthorized users that have been granted proxy access.
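The QUERY PROXY / REVOKE PROXY procedure above can be turned into a reviewable reconciliation step: list the current proxy grants, compare them with the set the organisation has actually approved, and emit a revoke command for every grant that is not on that list. The following Python script is an added example and is not IBM's code. It assumes the administrator has already saved the output of `dsmadmc ... query proxynode` to a text file; the two-column "target agent" layout parsed here, the sample node names, and the approved-grant list are all constructed for the example, and the full command name `REVOKE PROXYNODE TARGET=... AGENT=...` is assumed to be the server command the bulletin abbreviates as REVOKE PROXY. The script only prints the commands for review; it does not run them.

```python
"""Reconcile Tivoli Storage Manager proxy-node grants against an approved list.

Added example, not IBM code. The dsmadmc output layout below is an assumption;
adjust parse_proxy_output() if your server prints the columns differently.
"""
from typing import Dict, List, Set, Tuple

# Constructed sample of QUERY PROXYNODE output (not captured from a real server):
# the target node, then the agent node allowed to act on its behalf via ASNODENAME.
SAMPLE_QUERY_PROXY_OUTPUT = """\
Target Node Name     Agent Node Name
--------------       ---------------
FILESERVER01         BACKUP_AGENT
FILESERVER01         CONTRACTOR_LAPTOP
DBSERVER02           BACKUP_AGENT
DBSERVER02           OLD_ADMIN_NODE
"""

# Approved proxy relationships (constructed; in practice kept under change control).
APPROVED_GRANTS: Dict[str, Set[str]] = {
    "FILESERVER01": {"BACKUP_AGENT"},
    "DBSERVER02": {"BACKUP_AGENT"},
}


def parse_proxy_output(text: str) -> List[Tuple[str, str]]:
    """Return (target, agent) pairs from the assumed two-column query output."""
    pairs: List[Tuple[str, str]] = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 2:            # skips the multi-word header and blank lines
            continue
        target, agent = parts
        if target.startswith("-"):     # skips the dashed separator row
            continue
        pairs.append((target.upper(), agent.upper()))   # node names are case-insensitive
    return pairs


def find_unapproved(pairs: List[Tuple[str, str]],
                    approved: Dict[str, Set[str]]) -> List[Tuple[str, str]]:
    """Grants present on the server but absent from the approved list."""
    return [(t, a) for t, a in pairs if a not in approved.get(t, set())]


def revoke_commands(unapproved: List[Tuple[str, str]]) -> List[str]:
    """One REVOKE PROXYNODE command per unapproved grant, for an admin to review."""
    return [f"REVOKE PROXYNODE TARGET={t} AGENT={a}" for t, a in unapproved]


def reconcile(text: str, approved: Dict[str, Set[str]]) -> List[str]:
    """Full pipeline: parse the query output and produce the revoke commands."""
    return revoke_commands(find_unapproved(parse_proxy_output(text), approved))


if __name__ == "__main__":
    for cmd in reconcile(SAMPLE_QUERY_PROXY_OUTPUT, APPROVED_GRANTS):
        print(cmd)
```

Feed the script real output with `dsmadmc` and paste the printed commands back into an administrative session only after someone has confirmed each target/agent pair really is unapproved; the approved list is the control here, so keep it in version control and review changes to it.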

You should also update the configuration of any users who currently run as unauthorized users but should be running as authorized users. An authorized user is any non-root user who has read and write access to the stored password (the TSM.PWD file), or anyone who knows the password and enters it interactively. Authorized users may use the PASSWORDDIR option to define the directory where their copy of the TSM.PWD file is saved. Details on authorized users are given in the IBM Knowledge Center documentation for Tivoli Storage Manager under the section entitled "UNIX and Linux client root and authorized user tasks".
