Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM366FA55EE0B09B40AABB041DB433F5E49FC0E42F7988440387EBE3EED9DBAE91
HistoryJun 16, 2018 - 9:45 p.m.

Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Privileged Identity Manager

2018-06-1621:45:20
www.ibm.com
22

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

JSON

Summary

There were multiple security vulnerabilities fixed in the IBM Security Privileged Identity Manager Product

Vulnerability Details

CVEID: CVE-2016-2996**
DESCRIPTION:** IBM Security Privileged Identity Manager Virtual Appliance could allow an authenticated user to append lines to any file on the system due to an error with input validation.
CVSS Base Score: 6.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/114150&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)

CVEID: CVE-2015-5194**
DESCRIPTION:** Network Time Protocol (NTP) is vulnerable to a denial of service, caused by an uninitialized variable when processing malicious commands. By sending a specially crafted logconfig configuration command, a remote authenticated attacker could exploit this vulnerability to cause the daemon to crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/107595&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2015-7692**
DESCRIPTION:** Network Time Protocol (NTP) is vulnerable to a denial of service, caused by an error in ntp_crypto.c. An attacker could exploit this vulnerability using a packet containing an extension field with an invalid value for the length of its value field to cause ntpd to crash.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/107450&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2015-5195**
DESCRIPTION:** Network Time Protocol (NTP) is vulnerable to a denial of service, caused by the referencing of a statistics type that was not enabled during compilation by the statistics or filegen configuration command. By sending a specially crafted config command with statistics type, a remote authenticated attacker could exploit this vulnerability to cause a segmentation fault.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/107596&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2015-5219**
DESCRIPTION:** Network Time Protocol (NTP) is vulnerable to a denial of service, caused by an error in the sntp program. By sending specially crafted NTP packets, a remote attacker from within the local network could exploit this vulnerability to cause the application to enter into an infinite loop.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/107597&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2015-7691**
DESCRIPTION:** Network Time Protocol (NTP) is vulnerable to a denial of service, caused by an error in ntp_crypto.c. An attacker could exploit this vulnerability using a packet containing an extension field with an invalid value for the length of its value field to cause ntpd to crash.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/107449&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2015-7701**
DESCRIPTION:** Network Time Protocol (NTP) could allow a remote attacker to obtain sensitive information, caused by a memory leak in CRYPTO_ASSOC. An attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/107444&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2015-7702**
DESCRIPTION:** Network Time Protocol (NTP) is vulnerable to a denial of service, caused by an error in ntp_crypto.c. An attacker could exploit this vulnerability using a packet containing an extension field with an invalid value for the length of its value field to cause ntpd to crash.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/107451&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2015-7703**
DESCRIPTION:** Network Time Protocol (NTP) could allow a remote attacker to traverse directories on the system, caused by the failure to enforce local access only of the “pidfile” and “driftfile” configuration directives. An attacker could exploit this vulnerability to view arbitrary files on the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/107445&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID: CVE-2015-7852**
DESCRIPTION:** Network Time Protocol (NTP) is vulnerable to a buffer overflow, caused by improper bounds checking by thecookedprint functionality. By sending an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 7.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/107439&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2015-7978**
DESCRIPTION:** NTP is vulnerable to a denial of service. By sending a specially crafted reslist command, an attacker could exploit this vulnerability to consume all available stack memory.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/110023&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2015-7977**
DESCRIPTION:** NTP is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending a specially crafted ntpdc reslist command, an attacker could exploit this vulnerability to cause a segmentation fault.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/110022&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2015-7979**
DESCRIPTION:** NTP could allow a remote attacker to bypass security restrictions. By sending specially crafted broadcast packets with bad authentication, an attacker could exploit this vulnerability to cause the target broadcast client to tear down the association with the broadcast server.
CVSS Base Score: 6.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/110024&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)

CVEID: CVE-2016-1547**
DESCRIPTION:** NTP is vulnerable to a denial of service, caused by the demobilization of a preemptable client association. By sending specially crafted crypto NAK packets, an attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 3.7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112739&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-1548**
DESCRIPTION:** NTP could allow a remote attacker to bypass security restrictions, caused by an error in the ntpd client. By changing the client from basic client/server mode to interleaved symmetric mode, an attacker could exploit this vulnerability to modify the time of the client or cause a denial of service.
CVSS Base Score: 7.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112740&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L)

CVEID: CVE-2016-1550**
DESCRIPTION:** NTP could allow a local attacker to bypass security restrictions, caused by the failure to use a constant-time memory comparison function when validating the authentication digest on incoming packets. By sending a specially crafted packet with an authentication payload, an attacker could exploit this vulnerability to conduct a timing attack to compute the value of the valid authentication digest.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112742&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVEID: CVE-2016-2518**
DESCRIPTION:** NTP is vulnerable to a denial of service, caused by an error when using a specially crafted packet to create a peer association with hmode > 7. An attacker could exploit this vulnerability to cause the MATCH_ASSOC() function to trigger an out-of-bounds read.
CVSS Base Score: 2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112746&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2015-5352 **
DESCRIPTION:** OpenSSH could allow a remote authenticated attacker to bypass security restrictions, caused by an error when making connections after ForwardX11Timeout expired. If X11 connections are forwarded with ForwardX11Trusted=no, an attacker could exploit this vulnerability to bypass XSECURITY restrictions.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104418&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)

CVEID: CVE-2015-6563**
DESCRIPTION:** OpenSSH could allow a local attacker to bypass security restrictions, caused by the acceptance of extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests by the monitor component in sshd. An attacker could exploit this vulnerability to conduct impersonation attacks.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/105881&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID: CVE-2015-6564**
DESCRIPTION:** OpenSSH could allow a local attacker to gain elevated privileges on the system, caused by a use-after-free error in the mm_answer_pam_free_ctx function. An attacker could exploit this vulnerability to gain elevated privileges on the system.
CVSS Base Score: 7.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/105882&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2016-3627**
DESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by an error in the xmlStringGetNodeList() function when parsing xml files while in recover mode. An attacker could exploit this vulnerability to exhaust the stack and cause a segmentation fault.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111586&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-3705**
DESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by an out-of-bounds read of xmlParserEntityCheck() and xmlParseAttValueComplex() functions in parser.c. By persuading a victim to open a specially crafted XML file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 6.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112885&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)

CVEID: CVE-2016-4447**
DESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by a heap-based buffer overflow. By persuading a victim to open a specially crafted XML file, a remote attacker could overflow a buffer and cause the application to crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113522&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2016-1181**
DESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against unintended remote operations against components on server memory by the ActionForm instance. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 8.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113852&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2016-1182**
DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by the improper validation of input by the Validator. An attacker could exploit this vulnerability to modify validation rules and error messages.
CVSS Base Score: 4.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113853&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)

CVEID: CVE-2016-0353**
DESCRIPTION:** IBM Security Privileged Identity Manager Virtual Appliance could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information.
CVSS Base Score: 3.7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111892&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

IBM Security Privileged Identity Manager 2.0

Remediation/Fixes

Affected Versions

| Fix Availability
—|—
ISPIM 2.0| ISPIM 2.0.2 Fixpack 8

Workarounds and Mitigations

None

Related

ibm 44
openvas 25
redhat 5
nessus 64
centos 4
oraclelinux 5
fedora 10
f5 12
altlinux 2
osv 4
debian 4
securityvulns 2
aix 2
mageia 4
amazon 4
ubuntu 1
ubuntucve 3
suse 2
gentoo 1
cloudfoundry 1
ibm
ibm
Security Bulletin: IBM Security Access Manager for Web is affected by vulnerabilities in NTP
2018-06-16 21:45:47
Security Bulletin: IBM Security Access Manager for Mobile is affected by vulnerabilities in NTP
2018-06-16 21:45:47
Security Bulletin: Multiple vulnerabilities in NTP affect IBM Security Network Protection
2018-06-16 21:43:27
openvas
openvas
RedHat Update for ntp RHSA-2016:0780-01
2016-05-11 00:00:00
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2016-1060)
2020-01-23 00:00:00
RedHat Update for ntp RHSA-2016:2583-02
2016-11-04 00:00:00
redhat
redhat
(RHSA-2016:0780) Moderate: ntp security and bug fix update
2016-05-10 06:42:20
(RHSA-2016:2583) Moderate: ntp security and bug fix update
2016-11-03 06:07:15
(RHSA-2016:1552) Moderate: ntp security update
2016-08-03 04:36:58
nessus
nessus
CentOS 6 : ntp (CESA-2016:0780)
2016-05-17 00:00:00
Oracle Linux 6 : ntp (ELSA-2016-0780)
2016-05-16 00:00:00
Scientific Linux Security Update : ntp on SL6.x i386/x86_64 (20160510)
2016-06-09 00:00:00
centos
centos
ntp, ntpdate security update
2016-05-16 10:19:19
ntp, ntpdate, sntp security update
2016-11-25 16:00:55
ntp, ntpdate, sntp security update
2016-05-31 10:58:56
oraclelinux
oraclelinux
ntp security and bug fix update
2016-11-09 00:00:00
ntp security and bug fix update
2016-05-12 00:00:00
ntp security update
2016-05-31 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: ntp-4.2.6p5-34.fc21
2015-11-04 22:51:44
[SECURITY] Fedora 22 Update: ntp-4.2.6p5-36.fc22
2016-02-21 02:33:52
[SECURITY] Fedora 23 Update: ntp-4.2.6p5-34.fc23
2015-11-02 18:55:43
f5
f5
SOL17530 - NTP vulnerabilities CVE-2015-7691, CVE-2015-7692, and CVE-2015-7702
2015-11-02 00:00:00
K17530 : NTP vulnerabilities CVE-2015-7691, CVE-2015-7692, and CVE-2015-7702
2015-11-05 00:00:00
K17263 : OpenSSH vulnerabilities CVE-2015-6563 and CVE-2015-6564
2015-09-17 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package openssh version 6.7p1-alt1.M70P.4
2016-11-08 00:00:00
Security fix for the ALT Linux 6 package openssh version 6.7p1-alt1.M60P.4
2016-11-08 00:00:00
osv
osv
ntp - security update
2015-11-01 00:00:00
ntp - security update
2016-07-25 00:00:00
ntp - security update
2016-07-25 00:00:00
debian
debian
[SECURITY] [DLA 559-1] ntp security update
2016-07-25 21:37:14
[SECURITY] [DSA 3629-1] ntp security update
2016-07-25 21:15:32
[SECURITY] [DLA 335-1] ntp security update
2015-10-28 20:45:05
securityvulns
securityvulns
ntp multiple security vulnerabilities
2015-11-01 00:00:00
[USN-2783-1] NTP vulnerabilities
2015-11-01 00:00:00
aix
aix
Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS
2016-01-21 09:13:20
AIX OpenSSH Vulnerability
2015-10-21 09:17:40
mageia
mageia
Updated ntp packages fixes security vulnerabilities
2015-10-26 00:50:36
Updated ntp packages fix security vulnerabilities
2016-05-14 00:54:49
Updated libxml2 packages fix security vulnerability
2016-05-20 14:38:30
amazon
amazon
Low: ntp
2015-09-02 12:00:00
Important: ntp
2015-10-27 16:42:00
Medium: openssh
2015-09-02 12:00:00
ubuntu
ubuntu
NTP vulnerabilities
2015-10-27 00:00:00
ubuntucve
ubuntucve
CVE-2015-7978
2015-12-31 00:00:00
CVE-2015-7977
2015-12-31 00:00:00
CVE-2016-1547
2016-04-29 00:00:00
suse
suse
Security update for openssh (important)
2015-09-21 09:10:02
Security update for ntp (important)
2016-05-17 15:09:17
gentoo
gentoo
OpenSSH: Multiple vulnerabilities
2015-12-20 00:00:00
cloudfoundry
cloudfoundry
USN-3096-1: NTP vulnerabilities | Cloud Foundry
2016-12-21 00:00:00

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

JSON
Related for 366FA55EE0B09B40AABB041DB433F5E49FC0E42F7988440387EBE3EED9DBAE91
ibm44openvas25redhat5nessus64centos4oraclelinux5fedora10f512altlinux2osv4debian4securityvulns2aix2mageia4amazon4ubuntu1ubuntucve3suse2gentoo1cloudfoundry1