Lucene search

K
ibmIBMA32C6DF76505CE1438834C46A179D3BAF5C4C941E7A4CCE13657E37ADAA6DA21
HistoryJul 24, 2020 - 10:19 p.m.

Security Bulletin: Multiple Vulnerabilities affect IBM Sterling Secure Proxy

2020-07-2422:19:08
www.ibm.com
13

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

Summary

Three Jetty request smuggling vulnerabilities and an Apache ActiveMQ man-in-the-middle vulnerability were addressed by IBM Sterling Secure Proxy.

Vulnerability Details

CVE-ID: CVE-2017-7656 Description: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw in the HTTP/1.x Parser. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
CVSS Base Score: 6.5
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/145520&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVE-ID: CVE-2017-7657 Description: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked Transfer-Encoding chunk size. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
CVSS Base Score: 6.5
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/145521&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVE-ID: CVE-2017-7658 **Description: *Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a specially-crafted request, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
CVSS Base Score: 6.5
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/145522&gt; for more information
CVSS Environmental Score
: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVE-ID: CVE-2018-11775 **Description: *Apache ActiveMQ Client could allow a remote attacker to conduct a man-in-the-middle attack, caused by a missing TLS hostname verification. An attacker could exploit this vulnerability to launch a man-in-the-middle attack between a Java application using the ActiveMQ client and the ActiveMQ server.
CVSS Base Score: 5.9
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/149705&gt; for more information
CVSS Environmental Score
: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

IBM Sterling Secure Proxy 3.4.3 through 3.4.3.2 iFix 2

IBM Sterling Secure Proxy 3.4.2 through 3.4.2 iFix 15

Remediation/Fixes

Product

|

VRMF

|

APAR

|

How to acquire fix

—|—|—|—

IBM Sterling Secure Proxy

|

3.4.3.2

|

iFix 3

|

Fix Central

IBM Sterling Secure Proxy

|

3.4.2.0

|

iFix 16

|

Fix Central

Workarounds and Mitigations

None.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

Related for A32C6DF76505CE1438834C46A179D3BAF5C4C941E7A4CCE13657E37ADAA6DA21