IBM77FA959464E77CD2D3FEC090679425661D222D831CF3B1C6F715597D8077C55ESecurity Bulletin: Sweet32 vulnerability affects IBM Operations Analytics - Log Analysis (CVE-2016-2183)
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
Summary
Sweet32 vulnerability affects IBM Operations Analytics - Log Analysis. IBM Operations Analytics - Log Analysis have addressed the applicable CVE.
Vulnerability Details
CVEID: CVE-2016-2183
DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the in the Triple-DES on 64-bit block cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack.
CVSS Base Score: 3.7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/116337> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
IBM Operations Analytics - Log Analysis version 1.3.2, 1.3.3, 1.3.3.1 and 1.3.5
Remediation/Fixes
** Upgrade Instructions**
1. Download the Fix JDK from fix central (ibm-java-sdk-8.0-4.1-linux-x86_64.tgz)
http://www-01.ibm.com/support/docview.wss?uid=swg24043270
At the bottom Download package section, click on Linux 64-bit x86 AMD/Intel Java SDK FC link
2. Copy the ibm-java-sdk-8.0-4.1-linux-x86_64.tgz to LA server and un-tar it into a temporary folder (/tmp)
and rename the directory from ‘ibm-java-x86_64-80’ to ‘ibm-java’
/tmp> tar -xvf ibm-java-sdk-8.0-4.1-linux-x86_64.tgz
/tmp> mv ibm-java-x86_64-80 ibm-java
3. Stop Log Analysis
<LA_HOME>/utilities/unity,sh -stop
4. Take backup of <LA_HOME>/ibm-java folder
mv <LA_HOME>/ibm-java <LA_HOME>/ibm-java_back
5. Copy the ibm-java extracted in step 2 to <LA_HOME>
mv /tmp/ibm-java <LA_HOME>
6. Take a backup and replace the <LA_HOME>/ibm-java/jre/lib/security/cacerts file from backed up ibm-java folder.
mv <LA_HOME>/ibm-java/jre/lib/security/cacerts <LA_HOME>/ibm-java/jre/lib/security/cacerts_back
cp <LA_HOME>/ibm-java_back/jre/lib/security/cacerts <LA_HOME>/ibm-java/jre/lib/security/
7. Start Log Analysis
<LA_HOME>/utilities/unity,sh -start
Rollback Instructions
1. Stop Log Analysis
<LA_HOME>/utilities/unity,sh -stop
2. Backup of <LA_HOME>/ibm-java folder
mv <LA_HOME>/ibm-java <LA_HOME>/ibm-java_8.0-4.1
3. Restore original IBM Java
mv <LA_HOME>/ibm-java_back <LA_HOME>/ibm-java
4. Restore the original <LA_HOME>/ibm-java/jre/lib/security/cacerts file from backed up ibm-java folder.
mv <LA_HOME>/ibm-java/jre/lib/security/cacerts <LA_HOME>/ibm-java/jre/lib/security/cacerts_back
cp <LA_HOME>/ibm-java_8.0-4.1/jre/lib/security/cacerts <LA_HOME>/ibm-java/jre/lib/security/
5. Start Log Analysis
<LA_HOME>/utilities/unity,sh -start
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm smartcloud analytics | eq | any |
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N