Lucene search

K
ibmIBM7C371350C79C6F7596054D8B19A4BAAD069A8ADE699FB847B44E70E03F3D6988
HistoryJun 19, 2020 - 3:00 p.m.

Security Bulletin: Multiple vulnerabilities in GSKit affect IBM Workload Scheduler

2020-06-1915:00:50
www.ibm.com
7

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

Summary

GSKit is used by IBM Workload Manager and is vulnerable to some OpenSSL vulnerabilities. IBM Workload Manager has addressed the applicable CVEs using an updated version of GSKit libraries.

Vulnerability Details

CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error when parsing DSA private keys. An attacker could exploit this vulnerability to corrupt memory and cause a denial of service.
CVSS Base Score: 3.7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111140&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID: CVE-2017-3732 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a carry propagating bug in the x86_64 Montgomery squaring procedure. An attacker could exploit this vulnerability to obtain information about the private key.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/121313&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-3736 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a carry propagation flaw in the x86_64 Montgomery squaring function bn_sqrx8x_internal(). An attacker with online access to an unpatched system could exploit this vulnerability to obtain information about the private key.
CVSS Base Score: 5.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/134397&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2018-1428 DESCRIPTION: IBM GSKit uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139073&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2018-1427 DESCRIPTION: IBM GSKit contains several enviornment variables that a local attacker could overflow and cause a denial of service.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139072&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2018-1426 DESCRIPTION: IBM GSKit duplicates the PRNG state across fork() system calls when multiple ICC instances are loaded which could result in duplicate Session IDs and a risk of duplicate key material.
CVSS Base Score: 7.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139071&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)

CVEID: CVE-2016-0702 DESCRIPTION: OpenSSL could allow a local attacker to obtain sensitive information, caused by a side-channel attack against a system based on the Intel Sandy-Bridge microarchitecture. An attacker could exploit this vulnerability to recover RSA keys.
CVSS Base Score: 2.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111144&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

TWS uses GSKit only for secure communication between internal processes.
For Tivoli Workload Scheduler Distributed, TWS nodes are impacted by these security exposures only if the TWS workstation has been defined with “securitylevel” set to on or enabled or force and GSKit has been explictly enabled.
Furthermore the vulnerability applies to Dynamic Agents or zCentric agents too.
The security exposures apply to the following versions:
Tivoli Workload Scheduler Distributed 8.6.0 FP04 and earlier
Tivoli Workload Scheduler Distributed 9.1.0 FP02 and earlier
Tivoli Workload Scheduler Distributed 9.2.0 FP02 and earlier
IBM Workload Scheduler Distributed 9.3.0 FP03 and earlier
IBM Workload Scheduler Distributed 9.4.0 FP03 and earlier

Remediation/Fixes

APAR IJ06473 has been opened to address the GSKit vulnerabilities for IBM Workload Scheduler.
The following limited availability fixes for IJ06473 are available for download on FixCentral
8.6.0-TIV-TWS-FP0004-IJ06473
to be applied on top of Tivoli Workload Scheduler Distributed 8.6.0 FP04
9.1.0-TIV-TWS-FP0002-IJ06473
to be applied on top of Tivoli Workload Scheduler Distributed 9.1.0 FP02
9.2.0-TIV-TWS-FP0002-IJ06473
to be applied on top of Tivoli Workload Scheduler Distributed 9.2.0 FP02
9.3.0-TIV-TWS-FP0003-IJ06473
to be applied on top of Tivoli Workload Scheduler Distributed 9.3.0 FP03
9.4.0-TIV-TWS-FP0003-IJ06473
to be applied on top of Tivoli Workload Scheduler Distributed 9.4.0 FP03

For Unsupported releases IBM recommends upgrading to a fixed, supported release of the product.

Workarounds and Mitigations

None

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

Related for 7C371350C79C6F7596054D8B19A4BAAD069A8ADE699FB847B44E70E03F3D6988