Security Bulletin: RCE vulnerability (CVE-2018-1595) affects IBM Platform Symphony, IBM Spectrum Symphony

Published: 2018-07-23 11:40:02 (source: www.ibm.com)

EPSS: 0.001 (Low), percentile 50.0%

Summary

A security vulnerability related to Remote Command Execution (RCE), caused by dynamic JSP file builds, has been identified in IBM Platform Symphony 6.1.1, 7.1 Fix Pack 1, 7.1.1 and IBM Spectrum Symphony 7.1.2, 7.2.0.2.

Vulnerability Details

CVEID: CVE-2018-1595
DESCRIPTION: IBM Spectrum Symphony and Platform Symphony could allow an authenticated user to execute arbitrary commands due to improper handling of user supplied input.
CVSS Base Score: 8.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/143622> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

IBM Platform Symphony 6.1.1, 7.1 Fix Pack 1, and 7.1.1

IBM Spectrum Symphony 7.1.2 and 7.2.0.2

Remediation/Fixes

These are the steps for Linux; the steps for Windows are similar.
1. Log on to the master host as the cluster administrator and stop the WEBGUI service:
> egosh user logon -u Admin -x Admin
> egosh service stop WEBGUI
2. Log on to each management host in your cluster as the cluster administrator.
3. Delete the following files:
For IBM Platform Symphony 6.1.1 and 7.1 Fix Pack 1:
$EGO_TOP/gui/soam/<SOAM_VERSION>/symgui/generaltable/getDeviceInfo.jsp
For IBM Platform Symphony 7.1.1:
$EGO_TOP/wlp/usr/servers/gui/apps/soam/7.1.1/symgui/generaltable/getDeviceInfo.jsp
For IBM Spectrum Symphony 7.1.2 and 7.2.0.2:
$EGO_TOP/wlp/usr/servers/gui/apps/ego/<EGO_VERSION>/platform/generaltable/getDeviceInfo.jsp
$EGO_TOP/wlp/usr/servers/gui/apps/soam/<SOAM_VERSION>/symgui/generaltable/getDeviceInfo.jsp
4. Delete all subdirectories and files from the following directories:
For IBM Platform Symphony 6.1.1 and 7.1 Fix Pack 1:
> rm -rf $EGO_TOP/gui/work/*
For IBM Platform Symphony 7.1.1, IBM Spectrum Symphony 7.1.2 and 7.2.0.2:
> rm -rf $EGO_TOP/gui/work/*
> rm -rf $EGO_TOP/gui/workarea/*
> rm -rf $WLP_OUTPUT_DIR/webgui_hostname/gui/workarea/*
5. Clear your browser cache.
6. Start the WEBGUI service:
> egosh service start WEBGUI
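The Linux steps above, written as a small set of POSIX shell functions with a post-remediation check. This is an added example, not a script from the IBM bulletin or from IBM: it assumes the operator supplies EGO_TOP, SOAM_VERSION, EGO_VERSION, WLP_OUTPUT_DIR and WEBGUI_HOST (the bulletin's placeholders), and the version labels 6.1.1, 7.1FP1, 7.1.1, 7.1.2 and 7.2.0.2 are this script's own convention. The check function is the part a practitioner would run on every management host after the deletion, since a single leftover getDeviceInfo.jsp or a stale compiled copy in a work directory means the host is still exposed.

```shell
#!/bin/sh
# Added example, not part of the IBM bulletin. Encodes the bulletin's Linux
# file-removal steps (3 and 4) as functions and adds a verification step.
# Assumed operator-supplied settings (placeholders in the bulletin): EGO_TOP,
# SOAM_VERSION, EGO_VERSION, WLP_OUTPUT_DIR, WEBGUI_HOST (the "hostname" part
# of webgui_hostname). Version labels used here are this script's convention.

# getDeviceInfo.jsp locations to delete for a given product version (step 3).
cve_2018_1595_jsp_paths() {
  case "$1" in
    6.1.1|7.1FP1)
      echo "$EGO_TOP/gui/soam/$SOAM_VERSION/symgui/generaltable/getDeviceInfo.jsp" ;;
    7.1.1)
      echo "$EGO_TOP/wlp/usr/servers/gui/apps/soam/7.1.1/symgui/generaltable/getDeviceInfo.jsp" ;;
    7.1.2|7.2.0.2)
      echo "$EGO_TOP/wlp/usr/servers/gui/apps/ego/$EGO_VERSION/platform/generaltable/getDeviceInfo.jsp"
      echo "$EGO_TOP/wlp/usr/servers/gui/apps/soam/$SOAM_VERSION/symgui/generaltable/getDeviceInfo.jsp" ;;
    *) echo "unsupported version label: $1" >&2; return 2 ;;
  esac
}

# Work directories whose contents (compiled JSP output) must be cleared (step 4).
cve_2018_1595_work_dirs() {
  case "$1" in
    6.1.1|7.1FP1) echo "$EGO_TOP/gui/work" ;;
    7.1.1|7.1.2|7.2.0.2)
      echo "$EGO_TOP/gui/work"
      echo "$EGO_TOP/gui/workarea"
      echo "$WLP_OUTPUT_DIR/webgui_$WEBGUI_HOST/gui/workarea" ;;
    *) echo "unsupported version label: $1" >&2; return 2 ;;
  esac
}

# Steps 3 and 4 on the current host. Run only while WEBGUI is stopped.
cve_2018_1595_remediate() {
  cve_2018_1595_jsp_paths "$1" | while IFS= read -r f; do
    rm -f -- "$f"
  done
  cve_2018_1595_work_dirs "$1" | while IFS= read -r d; do
    if [ -d "$d" ]; then rm -rf -- "$d"/*; fi
  done
  return 0
}

# Verify on this host that nothing listed above remains. Returns 0 when clean.
cve_2018_1595_check() {
  status=0
  saved_ifs=$IFS
  IFS='
'
  for f in $(cve_2018_1595_jsp_paths "$1"); do
    if [ -e "$f" ]; then echo "STILL PRESENT: $f"; status=1; fi
  done
  for d in $(cve_2018_1595_work_dirs "$1"); do
    if [ -d "$d" ] && [ -n "$(ls -A "$d")" ]; then echo "NOT EMPTY: $d"; status=1; fi
  done
  IFS=$saved_ifs
  return $status
}

# Master-host sequence (steps 1, 3, 4 and 6), assuming egosh is on PATH and the
# cluster-administrator logon from step 1 has already been done.
cve_2018_1595_apply_master() {
  egosh service stop WEBGUI || return 1
  cve_2018_1595_remediate "$1"
  cve_2018_1595_check "$1" || return 1
  egosh service start WEBGUI
}

# Self-test against a constructed, throwaway directory tree (no cluster needed).
cve_2018_1595_demo() {
  tmp=$(mktemp -d)
  EGO_TOP="$tmp/ego"; WLP_OUTPUT_DIR="$tmp/wlp_out"
  SOAM_VERSION="7.2"; EGO_VERSION="3.6"; WEBGUI_HOST="master1"   # constructed
  export EGO_TOP WLP_OUTPUT_DIR SOAM_VERSION EGO_VERSION WEBGUI_HOST
  cve_2018_1595_jsp_paths 7.2.0.2 | while IFS= read -r f; do
    mkdir -p "$(dirname "$f")"; echo "<%-- constructed placeholder --%>" > "$f"
  done
  cve_2018_1595_work_dirs 7.2.0.2 | while IFS= read -r d; do
    mkdir -p "$d/compiled"; : > "$d/compiled/stale.class"
  done
  cve_2018_1595_check 7.2.0.2 >/dev/null && { echo "demo: check passed before remediation, unexpected"; return 1; }
  cve_2018_1595_remediate 7.2.0.2
  if cve_2018_1595_check 7.2.0.2; then rc=0; echo "demo: tree is clean after remediation"; else rc=1; fi
  rm -rf -- "$tmp"
  return $rc
}

[ "${1:-}" = "--demo" ] && cve_2018_1595_demo
```

Run it with `--demo` to exercise the functions against a temporary tree; on a real management host, source the file with the five variables set and call `cve_2018_1595_check <label>` after the deletion to confirm the host is clean. Step 5 (browser cache) is not something a host-side script can do.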

Note: The fix described above is also available on IBM Fix Central as builds sym-6.1.1-build493462, sym-7.1-build486396, sym-7.1.1-build493457, sym-7.1.2-build493458 and sym-7.2.0.2-build493459.

Workarounds and Mitigations

None
