IBM, published Oct 23, 2019 - 6:31 p.m.

Security Bulletin: Multiple security vulnerabilities affect Liberty for Java for IBM Cloud (CVE-2019-4304, CVE-2019-4305)

Source: www.ibm.com

CVSS3: 6.3 Medium
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: LOW
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: LOW
  Integrity Impact: LOW
  Availability Impact: LOW
  Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CVSS2: 6.5 Medium
  Access Vector: NETWORK
  Access Complexity: LOW
  Authentication: SINGLE
  Confidentiality Impact: PARTIAL
  Integrity Impact: PARTIAL
  Availability Impact: PARTIAL
  Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Summary

There are an information disclosure vulnerability and a security bypass vulnerability in WebSphere Application Server Liberty. Both vulnerabilities have been addressed.

Vulnerability Details

CVEID: CVE-2019-4304
DESCRIPTION: IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation.
CVSS Base Score: 6.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160950> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2019-4305
DESCRIPTION: IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cookie.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160951> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

These vulnerabilities affect all versions of Liberty for Java in IBM Cloud up to and including v3.36.

Remediation/Fixes

To upgrade to Liberty for Java v3.37-20191002-1726 or higher, you must re-stage or re-push your application and use the alternate runtime.

See the following instructions on how to use the alternate runtime:

<https://cloud.ibm.com/docs/runtimes/liberty?topic=liberty-using_monthly_runtime>

To find the current version of Liberty for Java in IBM Cloud that your application is using, run the following command from the command-line Cloud Foundry client:

cf ssh <appname> -c "cat staging_info.yml"

Look for the following line:

{"detected_buildpack":"Liberty for Java™ (WAR, liberty-19.0.0_9, buildpack-v3.37-20191002-1726, ibmjdk-1.8.0_sr5fp41-20190919, env)","start_command":".liberty/initial_startup.rb"}

To re-stage your application using the command-line Cloud Foundry client, use the following command:

cf restage <appname>

To re-push your application using the command-line Cloud Foundry client, use the following command:

cf push <appname>
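The version check above is manual. The following POSIX shell helper is an added example, not part of the IBM bulletin: it extracts the buildpack-vX.Y-YYYYMMDD-HHMM tag from the detected_buildpack string in staging_info.yml and tells you whether the application is already on v3.37-20191002-1726 or later. The sample lines embedded in it are constructed for the demonstration (the fixed one mirrors the line quoted in the bulletin, the older one is made up).

```sh
#!/bin/sh
# Print the buildpack version tag ("3.37-20191002-1726") found in a
# staging_info.yml line; print nothing when no such tag is present.
liberty_buildpack_version() {
    printf '%s\n' "$1" |
        sed -n 's/.*buildpack-v\([0-9][0-9]*\.[0-9][0-9]*-[0-9]\{8\}-[0-9]\{4\}\).*/\1/p'
}

# Return 0 when the staging_info.yml line in "$1" shows a buildpack at or
# above the fixed version v3.37-20191002-1726, 1 otherwise (including when
# no version tag can be found, which should be treated as "not verified").
liberty_buildpack_is_fixed() {
    v=$(liberty_buildpack_version "$1")
    [ -n "$v" ] || return 1
    major=${v%%.*};  rest=${v#*.}          # "3", "37-20191002-1726"
    minor=${rest%%-*}; stamp=${rest#*-}     # "37", "20191002-1726"
    stamp=$(printf '%s' "$stamp" | tr -d '-')   # "201910021726"
    fixed_major=3; fixed_minor=37; fixed_stamp=201910021726
    [ "$major" -gt "$fixed_major" ] && return 0
    [ "$major" -lt "$fixed_major" ] && return 1
    [ "$minor" -gt "$fixed_minor" ] && return 0
    [ "$minor" -lt "$fixed_minor" ] && return 1
    [ "$stamp" -ge "$fixed_stamp" ]
}

# Constructed sample input: FIXED_LINE mirrors the bulletin's example,
# OLD_LINE is a made-up pre-fix v3.36 staging record.
FIXED_LINE='{"detected_buildpack":"Liberty for Java (WAR, liberty-19.0.0_9, buildpack-v3.37-20191002-1726, ibmjdk-1.8.0_sr5fp41-20190919, env)","start_command":".liberty/initial_startup.rb"}'
OLD_LINE='{"detected_buildpack":"Liberty for Java (WAR, liberty-19.0.0_8, buildpack-v3.36-20190905-1211, ibmjdk-1.8.0_sr5fp40-20190807, env)","start_command":".liberty/initial_startup.rb"}'

# Against a live app you would feed the real output instead, e.g.
#   liberty_buildpack_is_fixed "$(cf ssh "$APP" -c 'cat staging_info.yml')"
for line in "$FIXED_LINE" "$OLD_LINE"; do
    if liberty_buildpack_is_fixed "$line"; then
        echo "buildpack v$(liberty_buildpack_version "$line"): fixed"
    else
        echo "buildpack v$(liberty_buildpack_version "$line"): affected, re-stage or re-push"
    fi
done
```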

Workarounds and Mitigations

None.

CPE Name                       | Operator | Version
-------------------------------|----------|--------
liberty for java for ibm cloud | eq       | any
