Lucene search

K
ibmIBM70549CC4BB1FA3369F5BC1EF01770F5CF2D9642AA2B34DE63805694D06A895CC
HistorySep 23, 2021 - 1:31 a.m.

Security Bulletin: Vulnerabilities in Apache Tomcat affect Power Hardware Management Console (CVE-2016-6816, CVE-2016-6817, and CVE-2016-0762)

2021-09-2301:31:39
www.ibm.com
20
apache tomcat
power hardware management console
http response splitting
http/2 denial of service
sensitive information leakage
ibm fix central
cve-2016-6816
cve-2016-6817
cve-2016-0762
power hmc v7.9.0.0
power hmc v8.8.2.0
power hmc v8.8.3.0
power hmc v8.8.4.0
power hmc v8.8.5.0
power hmc v8.8.6.0

EPSS

0.025

Percentile

90.4%

Summary

Apache Tomcat is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs.

Vulnerability Details

CVEID: CVE-2016-6816**
DESCRIPTION:** Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information.
CVSS Base Score: 6.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/119158 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID: CVE-2016-6817**
DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service. By sending a specially crafted HTTP/2 header, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/119156 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2016-0762**
DESCRIPTION:** Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to process the user supplied password if the specified user name does not exist by the Realm implementation. An attacker could exploit this vulnerability to conduct a timing attack and determine valid usernames on the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/118407 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

Power HMC V7.9.0.0
Power HMC V8.8.2.0
Power HMC V8.8.3.0
Power HMC V8.8.4.0
Power HMC V8.8.5.0
Power HMC V8.8.6.0

Remediation/Fixes

The following fixes are available on IBM Fix Central at: <http://www-933.ibm.com/support/fixcentral/&gt;

Product

|

VRMF

|

APAR

|

Remediation/Fix

—|—|—|—

Power HMC

|

V7.7.9.0 SP3

|

MB04061

|

MH01677

Power HMC

|

V8.8.2.0 SP3

|

MB04062

|

MH01678

Power HMC

|

V8.8.3.0 SP3

|

MB04063

|

MH01679

Power HMC

|

V8.8.4.0 SP2

|

MB04064

|

MH01680

Power HMC

|

V8.8.5.0 SP1

|

MB04065

|

MH01681

Power HMC

|

V8.8.6.0

|

MB04060

|

MH01674

Workarounds and Mitigations

None