History: Jun 17, 2018 - 3:49 p.m.

Security Bulletin: IBM Tivoli Monitoring is affected by a vulnerability in its internal web server

2018-06-17 15:49:59
www.ibm.com

EPSS: 0.002

Percentile: 55.9%

Summary

A vulnerability exists in the internal web server provided by IBM Tivoli Monitoring basic services. IBM has addressed this vulnerability.

Vulnerability Details

CVEID: CVE-2017-1789
DESCRIPTION: IBM Tivoli Monitoring could allow an unauthenticated user to remotely execute code through unspecified methods.
CVSS Base Score: 9.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137034> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

IBM Tivoli Monitoring version 6.2.3 through 6.2.3 Fix Pack 5

IBM Tivoli Monitoring version 6.3.0 through 6.3.0 Fix Pack 7

Remediation/Fixes

The recommended solution is to apply the fix for the version of IBM Tivoli Monitoring as listed below:

| Fix | VRMF | APAR | How to acquire fix |
|---|---|---|---|
| 6.2.3-TIV-ITM-FP0005-IJ04324 | 6.2.3.5 | IJ04324 | <http://www.ibm.com/support/docview.wss?uid=swg24044639> |
| 6.3.0-TIV-ITM-FP0007-IJ04324 | 6.3.0.7 | IJ04324 | |

Workarounds and Mitigations

The internal HTTP server can be disabled for Agent-only systems. For TEMS/TEPS, you need to apply the appropriate patch above.
