Security Bulletin: Vulnerabilities in Apache Struts affect the IBM FlashSystem models 840 and 900

2023-02-18 01:45:50
www.ibm.com

Tags: apache struts, ibm flashsystem, vulnerabilities, cross-site scripting, cache poisoning, redirection, 9840-ae1, 9843-ae1, 9840-ae2, 9843-ae2

CVSS2: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
  Attack Vector: NETWORK; Attack Complexity: LOW; Authentication: NONE; Confidentiality Impact: PARTIAL; Integrity Impact: PARTIAL; Availability Impact: PARTIAL

CVSS3: 9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
  Attack Vector: NETWORK; Attack Complexity: LOW; Privileges Required: NONE; User Interaction: NONE; Scope: UNCHANGED; Confidentiality Impact: HIGH; Integrity Impact: HIGH; Availability Impact: HIGH

AI Score: 9 (Confidence: High)

EPSS: 0.024 (Percentile: 89.9%)

Summary

There are vulnerabilities in Apache Struts to which the IBM® FlashSystem™ 840 and FlashSystem™ 900 are susceptible. An exploit of these vulnerabilities (CVE-2016-4430, CVE-2016-4431, CVE-2016-4433, and CVE-2016-4436) could allow a remote attacker to perform a cross-site scripting attack, perform Web cache poisoning, and redirect the victim to an arbitrary site.

Vulnerability Details

CVEID: CVE-2016-4430
DESCRIPTION: Apache Struts is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed expression to bypass token validation. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
CVSS Base Score: 8.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/114185 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID: CVE-2016-4431
DESCRIPTION: Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the default action method. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass internal security mechanism and redirect the victim to an arbitrary site.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/114187 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID: CVE-2016-4433
DESCRIPTION: Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the Getter as action method. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass internal security mechanism and redirect the victim to an arbitrary site.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/114186 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID: CVE-2016-4436
DESCRIPTION: An unspecified error in Apache Struts related to the method used to clean up the action name has an unknown impact and attack vector.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/114183 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Affected Products and Versions

FlashSystem 840 including machine type and models (MTMs) for all available code levels. MTMs affected include 9840-AE1 and 9843-AE1.

FlashSystem 900 including machine type and models (MTMs) for all available code levels. MTMs affected include 9840-AE2 and 9843-AE2.

Remediation/Fixes

MTMs: FlashSystem 840 (9840-AE1 & 9843-AE1); FlashSystem 900 (9840-AE2 & 9843-AE2)
VRMF: Code fixes are now available; the minimum VRMF containing the fix depends on the code stream:
  1.4 stream: 1.4.6.0 (or later)
  1.3 stream: 1.3.0.7 (or later)
APAR: N/A
Remediation/First Fix: FlashSystem 840 fixes and FlashSystem 900 fixes are available at IBM's Fix Central
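The stream-dependent minimum above is easy to get wrong when checking a fleet by hand (1.4.10.0 is fixed, 1.3.0.6 is not, and a level on a stream the bulletin does not mention cannot be judged from this table). The following is an added example, not IBM's code; it encodes the two fixed levels from the table and reports each system as fixed, vulnerable, or on an unknown stream. The inventory is constructed sample data.

```python
# Added example (not from the IBM bulletin): classify FlashSystem 840/900
# code levels (VRMF = Version.Release.Modification.Fix) against the minimum
# fixed level of each code stream given in the Remediation/Fixes table.

# Minimum VRMF containing the Struts fix, keyed by (Version, Release) stream.
FIXED_VRMF_BY_STREAM = {
    (1, 4): (1, 4, 6, 0),
    (1, 3): (1, 3, 0, 7),
}


def parse_vrmf(vrmf):
    """Parse 'V.R.M.F' into a tuple of four ints; reject anything else."""
    parts = vrmf.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"malformed VRMF: {vrmf!r}")
    return tuple(int(p) for p in parts)


def fix_status(vrmf):
    """Return 'fixed', 'vulnerable', or 'unknown-stream' for one code level.

    Comparison is numeric per component, so 1.4.10.0 correctly ranks above
    1.4.6.0. A stream not listed in the bulletin (e.g. 1.2 or 1.5) is reported
    as unknown rather than guessed, so it is not silently marked fixed.
    """
    level = parse_vrmf(vrmf)
    minimum = FIXED_VRMF_BY_STREAM.get(level[:2])
    if minimum is None:
        return "unknown-stream"
    return "fixed" if level >= minimum else "vulnerable"


def triage(inventory):
    """Map system name -> status for an inventory of {name: vrmf}."""
    return {name: fix_status(level) for name, level in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory; names and levels are illustrative only.
    sample = {
        "fs900-a": "1.4.5.2",
        "fs900-b": "1.4.10.0",
        "fs840-a": "1.3.0.7",
        "fs840-b": "1.2.1.0",
    }
    for name, status in sorted(triage(sample).items()):
        print(f"{name}: {sample[name]} -> {status}")
```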

Workarounds and Mitigations

None

Affected configurations

Vulners: ibm flashsystem_900_firmware (any version), CPE cpe:2.3:o:ibm:flashsystem_900_firmware:any:*:*:*:*:*:*:*
