Lucene search

IBMD5EBE1C579AE243E53403A5D71DB2658AD735AEE1B20FF8E958669575F835D76

HistoryJun 05, 2023 - 3:54 p.m.

Security Bulletin: There are several vulnerabilities with TinyMCE used by IBM Maximo Asset Management

2023-06-0515:54:15

www.ibm.com

cross-site scripting

validation

remote attacker

web browser

ibm x-force

denial of service

regular expression

node.js module

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

54.8%

JSON

Summary

There are several vulnerabilities with TinyMCE used by IBM Maximo Asset Management.

Vulnerability Details

CVEID:CVE-2022-23494
**DESCRIPTION:**TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/241799 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

CVEID:CVE-2019-1010091
**DESCRIPTION:**tinymce is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the media element. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/163970 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID:CVE-2020-17480
**DESCRIPTION:**Tiny Technologies TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the core parser, paste, and visualchars plugins in a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/186834 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

**IBM X-Force ID:**221404
**DESCRIPTION:**TinyMCE is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in a dependency of the codesample plugin. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/221404 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

**IBM X-Force ID:**197073
**DESCRIPTION:**Node.js tinymce module is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the core parser. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197073 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

**IBM X-Force ID:**221584
**DESCRIPTION:**TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the core parser. A remote attacker could exploit this vulnerability using the clipboard or editor APIs to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/221584 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

**IBM X-Force ID:**221585
**DESCRIPTION:**TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the URL processing logic of the image and link plugins. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/221585 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

**IBM X-Force ID:**220521
**DESCRIPTION:**TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the core parser. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/220521 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

**IBM X-Force ID:**202791
**DESCRIPTION:**Node.js tinymce module is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the core parser for form elements. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/202791 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

Affected Products and Versions

This vulnerability affects the following versions of the IBM Maximo Asset Management core product. Older versions of Maximo Asset Management may be impacted. The recommended action is to update to the latest version.

Product versions affected:

Affected Product(s)	Version(s)
IBM Maximo Asset Management	7.6.1.2
IBM Maximo Asset Management	7.6.1.3

Remediation/Fixes

The recommended solution is to download the appropriate Interim Fix or Fix Pack from Fix Central and apply for each affected product as soon as possible. Please see below for information on the fixes available for each product, version, and release. Follow the installation instructions in the ‘readme’ documentation provided with each fix pack or interim fix.

For Maximo Asset Management 7.6:

VRM	Fix Pack, Feature Pack, or Interim Fix	Download
7.6.1.2	Maximo Asset Management 7.6.1.2 iFix:
7.6.1.2-TIV-MBS-IF030 or latest Interim Fix available	FixCentral
7.6.1.3

Maximo Asset Management 7.6.1.3 iFix:

7.6.1.3-TIV-MBS-IF005 or latest Interim Fix available

FixCentral

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmmaximo_asset_managementMatch7.6.1

ibmmaximo_for_utilitiesMatch7.6.0.2

ibmmaximo_for_utilitiesMatch7.6.0.1

ibmmaximo_for_nuclear_powerMatch7.6.1

ibmmaximo_spatial_asset_managementMatch7.6.0.5

ibmmaximo_spatial_asset_managementMatch7.6.0.4

ibmmaximo_spatial_asset_managementMatch7.6.0.3

ibmmaximo_spatial_asset_managementMatch7.6.0.2

ibmmaximo_for_oil_and_gasMatch7.6.1

ibmmaximo_asset_configuration_managerMatch7.6.6

ibmmaximo_asset_configuration_managerMatch7.6.7

ibmmaximo_for_transportationMatch7.6.2.5

ibmmaximo_for_transportationMatch7.6.2.4

ibmmaximo_for_transportationMatch7.6.2.3

ibmcontrol_deskMatch7.6.1.1

ibmcontrol_deskMatch7.6.1

ibmmaximo_for_aviationMatch7.6.8

ibmmaximo_for_aviationMatch7.6.7

ibmmaximo_for_aviationMatch7.6.6

ibmmaximo_for_service_providersMatch7.6.3.3

ibmmaximo_for_service_providersMatch7.6.3.2

ibmmaximo_for_service_providersMatch7.6.3.1

ibmmaximo_for_life_sciencesMatch7.6

CPENameOperatorVersion
ibm maximo asset managementeq7.6.1
maximo for utilitieseq7.6.0.2
maximo for utilitieseq7.6.0.1
maximo for nuclear powereq7.6.1
maximo spatial asset managementeq7.6.0.5
maximo spatial asset managementeq7.6.0.4
maximo spatial asset managementeq7.6.0.3
maximo spatial asset managementeq7.6.0.2
maximo for oil and gaseq7.6.1
maximo asset configuration managereq7.6.6

Name	Operator	Version
ibm maximo asset management	eq	7.6.1
maximo for utilities	eq	7.6.0.2
maximo for utilities	eq	7.6.0.1
maximo for nuclear power	eq	7.6.1
maximo spatial asset management	eq	7.6.0.5
maximo spatial asset management	eq	7.6.0.4
maximo spatial asset management	eq	7.6.0.3
maximo spatial asset management	eq	7.6.0.2
maximo for oil and gas	eq	7.6.1
maximo asset configuration manager	eq	7.6.6