Security Bulletin: Rational Host On-Demand clients affected by vulnerabilities in IBM JRE

Published: Aug 03, 2018 - 4:23 a.m. (2018-08-03 04:23:43)
Source: www.ibm.com

10 High

CVSS2: AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Summary

IBM Rational Host On-Demand provides a Java JRE as part of its server package for clients to download and install on client machines. The vulnerabilities are only applicable to client-side Java deployments where untrusted code may be executed (such as Java applets running in a web browser). Server applications such as Host On-Demand server are not vulnerable.

Vulnerability Details


CVE ID: CVE-2013-3012, CVE-2013-3011, CVE-2013-3010, CVE-2013-3009, CVE-2013-3008, CVE-2013-3007, CVE-2013-3006, CVE-2013-2455, CVE-2013-2436, CVE-2013-2467, CVE-2013-2466, CVE-2013-2468, CVE-2013-2462, CVE-2013-3743, CVE-2013-2400, CVE-2013-3744, CVE-2013-1571, CVE-2013-2437, CVE-2013-2443, CVE-2013-1500, CVE-2013-2442, CVE-2013-4002

Description: There are a number of vulnerabilities in the affected IBM Java SDK versions that affect various components; some of the issues need to be combined in sequence to achieve an exploit. This occurs when the affected JRE is installed as the system JRE.

This advisory is only applicable to client-side Java deployments where untrusted code may be executed (such as Java applets running in a web browser).

The vulnerabilities work by exploiting weaknesses in the internal implementation of various IBM SDK components. Some of the weaknesses need to be combined in sequence to achieve an exploit. All of the issues are only applicable to scenarios in which untrusted code is executed under a security manager. The exploits allow untrusted code to elevate its privileges by modifying or removing the security manager.
The most common vulnerable use case is a JRE running an untrusted Java applet or Java Web Start application. This occurs when the affected JRE is installed as the system JRE.

**CVEID:** CVE-2013-2436
**CVSS Base Score:** 9.3
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/83575>
**CVSS Vector:** (AV:N/AC:M/Au:N/C:C/I:C/A:C)

**CVEID:** CVE-2013-2455
**CVSS Base Score:** 5
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84146>
**CVSS Vector:** (AV:N/AC:L/Au:N/C:P/I:N/A:N)

**CVEID:** CVE-2013-3006
**CVSS Base Score:** 9.3
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84147>
**CVSS Vector:** (AV:N/AC:M/Au:N/C:C/I:C/A:C)

**CVEID:** CVE-2013-3007
**CVSS Base Score:** 9.3
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84148>
**CVSS Vector:** (AV:N/AC:M/Au:N/C:C/I:C/A:C)

**CVEID:** CVE-2013-3008
**CVSS Base Score:** 9.3
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84149>
**CVSS Vector:** (AV:N/AC:M/Au:N/C:C/I:C/A:C)

**CVEID:** CVE-2013-3009
**CVSS Base Score:** 9.3
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84150>
**CVSS Vector:** (AV:N/AC:M/Au:N/C:C/I:C/A:C)

**CVEID:** CVE-2013-3010
**CVSS Base Score:** 9.3
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84151>
**CVSS Vector:** (AV:N/AC:M/Au:N/C:C/I:C/A:C)

**CVEID:** CVE-2013-3011
**CVSS Base Score:** 9.3
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84152>
**CVSS Vector:** (AV:N/AC:M/Au:N/C:C/I:C/A:C)

**CVEID:** CVE-2013-3012
**CVSS Base Score:** 9.3
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84153>
**CVSS Vector:** (AV:N/AC:M/Au:N/C:C/I:C/A:C)

**CVEID:** CVE-2013-2467
**CVSS Base Score:** 6.9
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85043>
**CVSS Vector:** (AV:L/AC:M/Au:N/C:C/I:C/A:C)

**CVEID:** CVE-2013-2466
**CVSS Base Score:** 10
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85035>
**CVSS Vector:** (AV:N/AC:L/Au:N/C:C/I:C/A:C)

**CVEID:** CVE-2013-2468
**CVSS Base Score:** 10
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85034>
**CVSS Vector:** (AV:N/AC:L/Au:N/C:C/I:C/A:C)

**CVEID:** CVE-2013-2462
**CVSS Base Score:** 9.3
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85037>
**CVSS Vector:** (AV:N/AC:M/Au:N/C:C/I:C/A:C)

**CVEID:** CVE-2013-3743
**CVSS Base Score:** 9.3
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85036>
**CVSS Vector:** (AV:N/AC:M/Au:N/C:C/I:C/A:C)

**CVEID:** CVE-2013-2400
**CVSS Base Score:** 5
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85050>
**CVSS Vector:** (AV:N/AC:L/Au:N/C:N/I:P/A:N)

**CVEID:** CVE-2013-3744
**CVSS Base Score:** 5
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85051>
**CVSS Vector:** (AV:N/AC:L/Au:N/C:N/I:P/A:N)

**CVEID:** CVE-2013-1571
**CVSS Base Score:** 4.3
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84715>
**CVSS Vector:** (AV:N/AC:M/Au:N/C:N/I:P/A:N)

**CVEID:** CVE-2013-2437
**CVSS Base Score:** 5
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85049>
**CVSS Vector:** (AV:N/AC:L/Au:N/C:P/I:N/A:N)

**CVEID:** CVE-2013-2443
**CVSS Base Score:** 5
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85054>
**CVSS Vector:** (AV:N/AC:L/Au:N/C:P/I:N/A:N)

**CVEID:** CVE-2013-1500
**CVSS Base Score:** 3.6
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85062>
**CVSS Vector:** (AV:L/AC:L/Au:N/C:P/I:P/A:N)

**CVEID:** CVE-2013-2442
**CVSS Base Score:** 7.5
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85041>
**CVSS Vector:** (AV:N/AC:L/Au:N/C:P/I:P/A:P)

**CVEID:** CVE-2013-4002
**CVSS Base Score:** 7.1
**CVSS Temporal Score:** See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85260>
**CVSS Vector:** (AV:N/AC:M/Au:N/C:N/I:N/A:C)

Affected Products and Versions

IBM JRE shipped with Host On-Demand 11.0.0 through 11.0.8

Remediation/Fixes

Upgrade IBM JRE to 1.7 SR5 or later on the client machines or switch to the Oracle JRE.

Review technote 1317268, "How to replace the IBM JRE on the Host On-Demand Server", for more details.
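To verify the remediation above across client machines, an administrator needs to decide from `java -version` output whether the installed IBM JRE is at 1.7 SR5 or later. The following is an added example, not part of the bulletin or of IBM's tooling: it parses the IBM version banner (the `(SRn)` or `(SRn FPm)` suffix of the build string carries the service refresh) and compares against the minimum level the bulletin names. The sample banner is constructed for the example.

```python
import re

# Minimum IBM JRE level named in the bulletin: Java 1.7 SR5, encoded as
# (major, minor, micro, service_refresh, fix_pack) so tuples compare directly.
MIN_FIXED_LEVEL = (1, 7, 0, 5, 0)

# Constructed sample of `java -version` output from an IBM JRE (not taken from
# the bulletin). The "(SR5)" suffix on the build string is the field we read.
SAMPLE_OUTPUT = '''java version "1.7.0"
Java(TM) SE Runtime Environment (build pxa6470sr5-20130619_01(SR5))
IBM J9 VM (build 2.6, JRE 1.7.0 Linux amd64-64 20130617_152572 (JIT enabled, AOT enabled)
'''


def parse_ibm_jre_level(version_output):
    """Return (major, minor, micro, sr, fp) parsed from IBM `java -version`
    text, or None when the banner does not look like an IBM JRE at all."""
    if "IBM" not in version_output:
        return None
    ver = re.search(r'java version "(\d+)\.(\d+)(?:\.(\d+))?', version_output)
    if not ver:
        return None
    major, minor, micro = (int(g) if g else 0 for g in ver.groups())
    # Service refresh / fix pack, e.g. "(SR5)" or "(SR4 FP1)"; missing means SR0.
    sr = re.search(r'\(SR(\d+)(?:\s+FP(\d+))?\)', version_output)
    sr_num = int(sr.group(1)) if sr else 0
    fp_num = int(sr.group(2)) if sr and sr.group(2) else 0
    return (major, minor, micro, sr_num, fp_num)


def is_remediated(version_output, minimum=MIN_FIXED_LEVEL):
    """True if the IBM JRE is at or above the minimum fixed level, False if it
    is older, None if the banner is not an IBM JRE (e.g. an Oracle JRE, which
    the bulletin treats as a separate remediation path)."""
    level = parse_ibm_jre_level(version_output)
    if level is None:
        return None
    return level >= minimum


if __name__ == "__main__":
    verdict = is_remediated(SAMPLE_OUTPUT)
    print({True: "remediated", False: "vulnerable", None: "not an IBM JRE"}[verdict])
```

In practice the banner comes from running `java -version` on each client (it prints to stderr) and feeding the captured text to `is_remediated`.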

Workarounds and Mitigations

Do not visit untrusted websites while the browser has a vulnerable JRE enabled.
