Security Bulletin: Vulnerabilities in Apache Tomcat affect IBM SONAS (CVE-2017-7674, CVE-2017-7675)

Summary

Vulnerabilities in Apache Tomcat affect IBM SONAS (CVE-2017-7674, CVE-2017-7675). IBM SONAS has addressed both CVEs.

Vulnerability Details

Apache Tomcat is used to provide graphical user interface for managing SONAS. The command line interface (CLI) interface is unaffected by these issues.
**** CVEID: CVE-2017-7674**
DESCRIPTION:** Apache Tomcat could provide weaker than expected security, caused by the failure to add an HTTP Vary header indicating that the response varies depending on Origin by the CORS Filter. A remote attacker could exploit this vulnerability to conduct client and server side cache poisoning.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/130248 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2017-7675**
DESCRIPTION:** Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by a flaw in the HTTP/2 implementation. By using a specially-crafted URL, an attacker could exploit this vulnerability to bypass security restraints.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/130247 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Affected Products and Versions

IBM SONAS
The product is affected when running a code releases 1.5.0.0 to 1.5.2.7

Remediation/Fixes

A fix for these issues is in version 1.5.2.8 of IBM SONAS. Customers running an affected version of SONAS should upgrade to 1.5.2.8 or a later version, so that the fix gets applied.

Please contact IBM support for assistance in upgrading your system.

Workarounds and Mitigations

Mitigation(s): Ensure that all users who have access to the system are authenticated by another security system such as a firewall.