Security Bulletin: Multiple Security Vulnerabilities in Jetspeed Affect IBM Sterling B2B Integrator

Summary

There are multiple security vulnerabilities in Jetspeed that affect IBM Sterling B2B Integrator

Vulnerability Details

CVEID: CVE-2016-0711 DESCRIPTION: Apache Jetspeed is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the add a link, page, or folder functionality. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVSS Base Score: 6.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111887&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID: CVE-2016-0712 DESCRIPTION: Apache Jetspeed is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the URI path directory. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base Score: 6.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111888&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID: CVE-2016-2171 DESCRIPTION: Apache Jetspeed could allow a remote attacker to bypass security restrictions, caused by the failure to restrict access to the User Manager REST service. An attacker could exploit this vulnerability to gain unauthorized access to the application.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111889&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID: CVE-2016-0710 DESCRIPTION: Apache Jetspeed is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the User Manager service using the user or role parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVSS Base Score: 6.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111886&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVEID: CVE-2016-0709 DESCRIPTION: Apache Jetspeed could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to the Import/Export function in the Portal Site Manager containing “dot dot” sequences (/…/) in a ZIP archive to upload a .jsp file to write it to a disk and execute arbitrary code on the system.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111885&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

IBM Sterling B2b Integrator 5.2.0.1 - 5.2.6.3

Remediation/Fixes

PRODUCT & Version

|

Remediation/Fix

—|—

IBM Sterling B2B Integrator 5.2.0.1 - 5.2.6.3

|

Apply IBM Sterling B2B Integrator version 6.0.0.0 or 5.2.6.4 available on Fix Central

Workarounds and Mitigations

None