ID IBM_RATIONAL_SWG21682120.NASL Type nessus Reporter Tenable Modified 2018-07-12T00:00:00
Description
According to its self reported version, the install of Rational Engineering Lifecycle Manager, Rational Software Architect Design Manager, and/or Rhapsody Design Manager on the remote host is affected by a cross-site request forgery in the IBM Configuration Management Application (VVC) component due to improper validation of user-supplied data. An attacker can exploit this vulnerability by convincing an authenticated user to visit a malicious website and hijacking the authentication via a malformed HTTP request, allowing the attacker to perform cross-site scripting attacks, web cache poisoning, and other malicious activities.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(79384);
script_version("1.3");
script_cvs_date("Date: 2018/07/12 19:01:16");
script_cve_id("CVE-2014-3037");
script_bugtraq_id(69658);
script_name(english:"IBM Rational Software Architect Design Manager / Engineering Lifecycle Manager / Rhapsody Design Manager < 4.0.7 XSRF");
script_summary(english:"Checks the version of RSA/RDM/RELM.");
script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by a cross-site request forgery
vulnerability.");
script_set_attribute(attribute:"description", value:
"According to its self reported version, the install of Rational
Engineering Lifecycle Manager, Rational Software Architect Design
Manager, and/or Rhapsody Design Manager on the remote host is affected
by a cross-site request forgery in the IBM Configuration Management
Application (VVC) component due to improper validation of
user-supplied data. An attacker can exploit this vulnerability by
convincing an authenticated user to visit a malicious website and
hijacking the authentication via a malformed HTTP request, allowing
the attacker to perform cross-site scripting attacks, web cache
poisoning, and other malicious activities.");
script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21682120");
script_set_attribute(attribute:"solution", value:
"Upgrade to IBM Rational Software Architect Design Manager /
Engineering Lifecycle Manager / Rhapsody Design Manager version 4.0.7,
5.0.1, or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/09/05");
script_set_attribute(attribute:"patch_publication_date", value:"2014/09/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/11/21");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:rational_software_architect_design_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:rational_rhapsody_design_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:rational_engineering_lifecycle_manager");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");
script_dependencies("ibm_enum_products.nbin");
script_require_ports(
"installed_sw/Design Management for IBM Rational Software Architect",
"installed_sw/Design Management for IBM Rational Rhapsody",
"installed_sw/Rational Engineering Lifecycle Manager"
);
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("install_func.inc");
vuln_matrix = make_array(
"Design Management for IBM Rational Software Architect", make_list(
"3.0",
"3.0.0.1000",
"3.0.1000",
"4.0",
"4.0.1000",
"4.0.2000",
"4.0.3000",
"4.0.4000",
"4.0.5000",
"4.0.6000",
"5.0"
),
"Design Management for IBM Rational Rhapsody", make_list(
"3.0",
"3.0.0.1000",
"3.0.1000",
"4.0",
"4.0.1000",
"4.0.2000",
"4.0.3000",
"4.0.4000",
"4.0.5000",
"4.0.6000",
"5.0"
),
"Rational Engineering Lifecycle Manager", make_list(
"1.0",
"1.0.0.1000",
"4.0.3000",
"4.0.4000",
"4.0.5000",
"4.0.6000",
"5.0"
)
);
# Check each product in a different thread
app_name = branch(
make_list(
"Design Management for IBM Rational Software Architect",
"Design Management for IBM Rational Rhapsody",
"Rational Engineering Lifecycle Manager"
)
);
install = get_single_install(app_name:app_name);
path = install['path'];
version = install['version'];
fix = "4.0.7000 / 5.0.1000";
vuln = FALSE;
foreach vuln_version (vuln_matrix[app_name])
{
if (ver_compare(ver:version, fix:vuln_version, strict:FALSE) == 0)
{
vuln = TRUE;
break;
}
}
if (vuln)
{
port = 0;
set_kb_item(name:'www/'+port+'/XSRF', value:TRUE);
if (report_verbosity > 0)
{
report =
'\n Application : ' + app_name +
'\n Path : ' + path +
'\n Installed version : ' + version +
'\n Fixed version : ' + fix +
'\n';
security_warning(extra:report, port:port);
}
else security_warning(port);
exit(0);
}
else audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);
{"id": "IBM_RATIONAL_SWG21682120.NASL", "bulletinFamily": "scanner", "title": "IBM Rational Software Architect Design Manager / Engineering Lifecycle Manager / Rhapsody Design Manager < 4.0.7 XSRF", "description": "According to its self reported version, the install of Rational Engineering Lifecycle Manager, Rational Software Architect Design Manager, and/or Rhapsody Design Manager on the remote host is affected by a cross-site request forgery in the IBM Configuration Management Application (VVC) component due to improper validation of user-supplied data. An attacker can exploit this vulnerability by convincing an authenticated user to visit a malicious website and hijacking the authentication via a malformed HTTP request, allowing the attacker to perform cross-site scripting attacks, web cache poisoning, and other malicious activities.", "published": "2014-11-21T00:00:00", "modified": "2018-07-12T00:00:00", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=79384", "reporter": "Tenable", "references": ["http://www-01.ibm.com/support/docview.wss?uid=swg21682120"], "cvelist": ["CVE-2014-3037"], "type": "nessus", "lastseen": "2018-07-13T09:46:06", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2014-3037"], "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "According to its self reported version, the install of Rational Engineering Lifecycle Manager, Rational Software Architect Design Manager, and/or Rhapsody Design Manager on the remote host is affected by a cross-site request forgery in the IBM Configuration Management Application (VVC) component due to improper validation of user-supplied data. An attacker can exploit this vulnerability by convincing an authenticated user to visit a malicious website and hijacking the authentication via a malformed HTTP request, allowing the attacker to perform cross-site scripting attacks, web cache poisoning, and other malicious activities.", "edition": 2, "enchantments": {}, "hash": "fac0c755dc24a6999684210f3e0c0349e7966e968c2e181897d665592dd8a38f", "hashmap": [{"hash": "4e37de7cba38c0cab02ae7742b376f1f", "key": "references"}, {"hash": "74f40f6ff4b8eab922d9e2fcdfb1a527", "key": "title"}, {"hash": "c8e530d74e74e05eb667b2ed1bc7849e", "key": "cvelist"}, {"hash": "70b4d3e0b3d5c9c9869bf1fee1aebe19", "key": "pluginID"}, {"hash": "c90883e2fad427222772b0ed7d5d7a49", "key": "published"}, {"hash": "f988dc6e0b4d047c838adcca890ea132", "key": "naslFamily"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "036b9571ee9124f52fa66f605afb1f57", "key": "sourceData"}, {"hash": "bcd8abde7f060a8789d08ba0ba73d345", "key": "modified"}, {"hash": "dd084251f4f60863f051a7fd5f313220", "key": "description"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71717586109ac8840ecbf83f35a060b1", "key": "href"}, {"hash": "61a37396f8fc8545e5dc3fd73288ce16", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=79384", "id": "IBM_RATIONAL_SWG21682120.NASL", "lastseen": "2016-10-13T21:24:18", "modified": "2016-10-13T00:00:00", "naslFamily": "Misc.", "objectVersion": "1.2", "pluginID": "79384", "published": "2014-11-21T00:00:00", "references": ["http://www-01.ibm.com/support/docview.wss?uid=swg21682120"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79384);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2016/10/13 14:27:26 $\");\n\n script_cve_id(\"CVE-2014-3037\");\n script_bugtraq_id(69658);\n script_osvdb_id(110791);\n\n script_name(english:\"IBM Rational Software Architect Design Manager / Engineering Lifecycle Manager / Rhapsody Design Manager < 4.0.7 XSRF\");\n script_summary(english:\"Checks the version of RSA/RDM/RELM.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by a cross-site request forgery\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self reported version, the install of Rational\nEngineering Lifecycle Manager, Rational Software Architect Design\nManager, and/or Rhapsody Design Manager on the remote host is affected\nby a cross-site request forgery in the IBM Configuration Management\nApplication (VVC) component due to improper validation of\nuser-supplied data. An attacker can exploit this vulnerability by\nconvincing an authenticated user to visit a malicious website and\nhijacking the authentication via a malformed HTTP request, allowing\nthe attacker to perform cross-site scripting attacks, web cache\npoisoning, and other malicious activities.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21682120\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM Rational Software Architect Design Manager /\nEngineering Lifecycle Manager / Rhapsody Design Manager version 4.0.7,\n5.0.1, or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:rational_software_architect_design_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:rational_rhapsody_design_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:rational_engineering_lifecycle_manager\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ibm_enum_products.nbin\");\n script_require_ports(\n \"installed_sw/Design Management for IBM Rational Software Architect\",\n \"installed_sw/Design Management for IBM Rational Rhapsody\",\n \"installed_sw/Rational Engineering Lifecycle Manager\"\n );\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nvuln_matrix = make_array(\n \"Design Management for IBM Rational Software Architect\", make_list(\n \"3.0\",\n \"3.0.0.1000\",\n \"3.0.1000\",\n \"4.0\",\n \"4.0.1000\",\n \"4.0.2000\",\n \"4.0.3000\",\n \"4.0.4000\",\n \"4.0.5000\",\n \"4.0.6000\",\n \"5.0\"\n ),\n \"Design Management for IBM Rational Rhapsody\", make_list(\n \"3.0\",\n \"3.0.0.1000\",\n \"3.0.1000\",\n \"4.0\",\n \"4.0.1000\",\n \"4.0.2000\",\n \"4.0.3000\",\n \"4.0.4000\",\n \"4.0.5000\",\n \"4.0.6000\",\n \"5.0\"\n ),\n \"Rational Engineering Lifecycle Manager\", make_list(\n \"1.0\",\n \"1.0.0.1000\",\n \"4.0.3000\",\n \"4.0.4000\",\n \"4.0.5000\",\n \"4.0.6000\",\n \"5.0\"\n )\n);\n\n# Check each product in a different thread\napp_name = branch(\n make_list(\n \"Design Management for IBM Rational Software Architect\",\n \"Design Management for IBM Rational Rhapsody\",\n \"Rational Engineering Lifecycle Manager\"\n )\n);\n\ninstall = get_single_install(app_name:app_name);\npath = install['path'];\nversion = install['version'];\n\nfix = \"4.0.7000 / 5.0.1000\";\n\nvuln = FALSE;\nforeach vuln_version (vuln_matrix[app_name])\n{\n if (ver_compare(ver:version, fix:vuln_version, strict:FALSE) == 0)\n {\n vuln = TRUE;\n break;\n }\n}\n\nif (vuln)\n{\n port = 0;\n set_kb_item(name:'www/'+port+'/XSRF', value:TRUE);\n if (report_verbosity > 0)\n {\n report =\n '\\n Application : ' + app_name +\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n\n security_warning(extra:report, port:port);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);\n", "title": "IBM Rational Software Architect Design Manager / Engineering Lifecycle Manager / Rhapsody Design Manager < 4.0.7 XSRF", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 2, "lastseen": "2016-10-13T21:24:18"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2014-3037"], "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "According to its self reported version, the install of Rational Engineering Lifecycle Manager, Rational Software Architect Design Manager, and/or Rhapsody Design Manager on the remote host is affected by a cross-site request forgery in the IBM Configuration Management Application (VVC) component due to improper validation of user-supplied data. An attacker can exploit this vulnerability by convincing an authenticated user to visit a malicious website and hijacking the authentication via a malformed HTTP request, allowing the attacker to perform cross-site scripting attacks, web cache poisoning, and other malicious activities.", "edition": 1, "hash": "e6baff1b75a54a939bcf3e7581da4af8cf73a732c5055af3c82de7d6aa8dcce4", "hashmap": [{"hash": "4e37de7cba38c0cab02ae7742b376f1f", "key": "references"}, {"hash": "74f40f6ff4b8eab922d9e2fcdfb1a527", "key": "title"}, {"hash": "c8e530d74e74e05eb667b2ed1bc7849e", "key": "cvelist"}, {"hash": "70b4d3e0b3d5c9c9869bf1fee1aebe19", "key": "pluginID"}, {"hash": "c90883e2fad427222772b0ed7d5d7a49", "key": "published"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "f988dc6e0b4d047c838adcca890ea132", "key": "naslFamily"}, {"hash": "c0e344862544fa0d0a5e8733d8b04a83", "key": "sourceData"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "c90883e2fad427222772b0ed7d5d7a49", "key": "modified"}, {"hash": "dd084251f4f60863f051a7fd5f313220", "key": "description"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71717586109ac8840ecbf83f35a060b1", "key": "href"}, {"hash": "61a37396f8fc8545e5dc3fd73288ce16", "key": "cvss"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=79384", "id": "IBM_RATIONAL_SWG21682120.NASL", "lastseen": "2016-09-26T17:24:10", "modified": "2014-11-21T00:00:00", "naslFamily": "Misc.", "objectVersion": "1.2", "pluginID": "79384", "published": "2014-11-21T00:00:00", "references": ["http://www-01.ibm.com/support/docview.wss?uid=swg21682120"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79384);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2014/11/21 12:18:46 $\");\n\n script_cve_id(\"CVE-2014-3037\");\n script_bugtraq_id(69658);\n script_osvdb_id(110791);\n\n script_name(english:\"IBM Rational Software Architect Design Manager / Engineering Lifecycle Manager / Rhapsody Design Manager < 4.0.7 XSRF\");\n script_summary(english:\"Checks the version of RSA/RDM/RELM.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by a cross-site request forgery\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self reported version, the install of Rational\nEngineering Lifecycle Manager, Rational Software Architect Design\nManager, and/or Rhapsody Design Manager on the remote host is affected\nby a cross-site request forgery in the IBM Configuration Management\nApplication (VVC) component due to improper validation of\nuser-supplied data. An attacker can exploit this vulnerability by\nconvincing an authenticated user to visit a malicious website and\nhijacking the authentication via a malformed HTTP request, allowing\nthe attacker to perform cross-site scripting attacks, web cache\npoisoning, and other malicious activities.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21682120\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM Rational Software Architect Design Manager /\nEngineering Lifecycle Manager / Rhapsody Design Manager version 4.0.7,\n5.0.1, or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:rational_software_architect_design_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:rational_rhapsody_design_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:rational_engineering_lifecycle_manager\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ibm_enum_products.nbin\");\n script_require_ports(\n \"installed_sw/Design Management for IBM Rational Software Architect\",\n \"installed_sw/Design Management for IBM Rational Rhapsody\",\n \"installed_sw/Rational Engineering Lifecycle Manager\"\n );\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nvuln_matrix = make_array(\n \"Design Management for IBM Rational Software Architect\", make_list(\n \"3.0\",\n \"3.0.0.1000\",\n \"3.0.1000\",\n \"4.0\",\n \"4.0.1000\",\n \"4.0.2000\",\n \"4.0.3000\",\n \"4.0.4000\",\n \"4.0.5000\",\n \"4.0.6000\",\n \"5.0\"\n ),\n \"Design Management for IBM Rational Rhapsody\", make_list(\n \"3.0\",\n \"3.0.0.1000\",\n \"3.0.1000\",\n \"4.0\",\n \"4.0.1000\",\n \"4.0.2000\",\n \"4.0.3000\",\n \"4.0.4000\",\n \"4.0.5000\",\n \"4.0.6000\",\n \"5.0\"\n ),\n \"Rational Engineering Lifecycle Manager\", make_list(\n \"1.0\",\n \"1.0.0.1000\",\n \"4.0.3000\",\n \"4.0.4000\",\n \"4.0.5000\",\n \"4.0.6000\",\n \"5.0\"\n )\n);\n\n# Check each product in a different thread\napp_name = branch(\n make_list(\n \"Design Management for IBM Rational Software Architect\",\n \"Design Management for IBM Rational Rhapsody\",\n \"Rational Engineering Lifecycle Manager\"\n )\n);\n\ninstall = get_single_install(app_name:app_name);\npath = install['path'];\nversion = install['version'];\n\nfix = \"4.0.7000 / 5.0.1000\";\n\nvuln = FALSE;\nforeach vuln_version (vuln_matrix[app_name])\n{\n if (ver_compare(ver:version, fix:vuln_version, strict:FALSE) == 0)\n {\n vuln = TRUE;\n break;\n }\n}\n\nif (vuln)\n{\n port = 0;\n set_kb_item(name:'www/'+port+'/XSRF', value:TRUE);\n if (report_verbosity > 0)\n {\n report =\n '\\n Application : ' + app_name +\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n\n security_warning(extra:report, port:port);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);\n", "title": "IBM Rational Software Architect Design Manager / Engineering Lifecycle Manager / Rhapsody Design Manager < 4.0.7 XSRF", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:24:10"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/a:ibm:rational_rhapsody_design_manager", "cpe:/a:ibm:rational_software_architect_design_manager", "cpe:/a:ibm:rational_engineering_lifecycle_manager"], "cvelist": ["CVE-2014-3037"], "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "According to its self reported version, the install of Rational Engineering Lifecycle Manager, Rational Software Architect Design Manager, and/or Rhapsody Design Manager on the remote host is affected by a cross-site request forgery in the IBM Configuration Management Application (VVC) component due to improper validation of user-supplied data. An attacker can exploit this vulnerability by convincing an authenticated user to visit a malicious website and hijacking the authentication via a malformed HTTP request, allowing the attacker to perform cross-site scripting attacks, web cache poisoning, and other malicious activities.", "edition": 3, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "hash": "689d72400d835795c09322e983f41c7beb55380869188c021acd08589e8abe97", "hashmap": [{"hash": "4e37de7cba38c0cab02ae7742b376f1f", "key": "references"}, {"hash": "74f40f6ff4b8eab922d9e2fcdfb1a527", "key": "title"}, {"hash": "c8e530d74e74e05eb667b2ed1bc7849e", "key": "cvelist"}, {"hash": "70b4d3e0b3d5c9c9869bf1fee1aebe19", "key": "pluginID"}, {"hash": "c90883e2fad427222772b0ed7d5d7a49", "key": "published"}, {"hash": "f988dc6e0b4d047c838adcca890ea132", "key": "naslFamily"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "dafff5751bcf797899dde9bde251f0f9", "key": "cpe"}, {"hash": "036b9571ee9124f52fa66f605afb1f57", "key": "sourceData"}, {"hash": "bcd8abde7f060a8789d08ba0ba73d345", "key": "modified"}, {"hash": "dd084251f4f60863f051a7fd5f313220", "key": "description"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71717586109ac8840ecbf83f35a060b1", "key": "href"}, {"hash": "61a37396f8fc8545e5dc3fd73288ce16", "key": "cvss"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=79384", "id": "IBM_RATIONAL_SWG21682120.NASL", "lastseen": "2017-10-29T13:36:41", "modified": "2016-10-13T00:00:00", "naslFamily": "Misc.", "objectVersion": "1.3", "pluginID": "79384", "published": "2014-11-21T00:00:00", "references": ["http://www-01.ibm.com/support/docview.wss?uid=swg21682120"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79384);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2016/10/13 14:27:26 $\");\n\n script_cve_id(\"CVE-2014-3037\");\n script_bugtraq_id(69658);\n script_osvdb_id(110791);\n\n script_name(english:\"IBM Rational Software Architect Design Manager / Engineering Lifecycle Manager / Rhapsody Design Manager < 4.0.7 XSRF\");\n script_summary(english:\"Checks the version of RSA/RDM/RELM.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by a cross-site request forgery\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self reported version, the install of Rational\nEngineering Lifecycle Manager, Rational Software Architect Design\nManager, and/or Rhapsody Design Manager on the remote host is affected\nby a cross-site request forgery in the IBM Configuration Management\nApplication (VVC) component due to improper validation of\nuser-supplied data. An attacker can exploit this vulnerability by\nconvincing an authenticated user to visit a malicious website and\nhijacking the authentication via a malformed HTTP request, allowing\nthe attacker to perform cross-site scripting attacks, web cache\npoisoning, and other malicious activities.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21682120\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM Rational Software Architect Design Manager /\nEngineering Lifecycle Manager / Rhapsody Design Manager version 4.0.7,\n5.0.1, or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:rational_software_architect_design_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:rational_rhapsody_design_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:rational_engineering_lifecycle_manager\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ibm_enum_products.nbin\");\n script_require_ports(\n \"installed_sw/Design Management for IBM Rational Software Architect\",\n \"installed_sw/Design Management for IBM Rational Rhapsody\",\n \"installed_sw/Rational Engineering Lifecycle Manager\"\n );\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nvuln_matrix = make_array(\n \"Design Management for IBM Rational Software Architect\", make_list(\n \"3.0\",\n \"3.0.0.1000\",\n \"3.0.1000\",\n \"4.0\",\n \"4.0.1000\",\n \"4.0.2000\",\n \"4.0.3000\",\n \"4.0.4000\",\n \"4.0.5000\",\n \"4.0.6000\",\n \"5.0\"\n ),\n \"Design Management for IBM Rational Rhapsody\", make_list(\n \"3.0\",\n \"3.0.0.1000\",\n \"3.0.1000\",\n \"4.0\",\n \"4.0.1000\",\n \"4.0.2000\",\n \"4.0.3000\",\n \"4.0.4000\",\n \"4.0.5000\",\n \"4.0.6000\",\n \"5.0\"\n ),\n \"Rational Engineering Lifecycle Manager\", make_list(\n \"1.0\",\n \"1.0.0.1000\",\n \"4.0.3000\",\n \"4.0.4000\",\n \"4.0.5000\",\n \"4.0.6000\",\n \"5.0\"\n )\n);\n\n# Check each product in a different thread\napp_name = branch(\n make_list(\n \"Design Management for IBM Rational Software Architect\",\n \"Design Management for IBM Rational Rhapsody\",\n \"Rational Engineering Lifecycle Manager\"\n )\n);\n\ninstall = get_single_install(app_name:app_name);\npath = install['path'];\nversion = install['version'];\n\nfix = \"4.0.7000 / 5.0.1000\";\n\nvuln = FALSE;\nforeach vuln_version (vuln_matrix[app_name])\n{\n if (ver_compare(ver:version, fix:vuln_version, strict:FALSE) == 0)\n {\n vuln = TRUE;\n break;\n }\n}\n\nif (vuln)\n{\n port = 0;\n set_kb_item(name:'www/'+port+'/XSRF', value:TRUE);\n if (report_verbosity > 0)\n {\n report =\n '\\n Application : ' + app_name +\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n\n security_warning(extra:report, port:port);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);\n", "title": "IBM Rational Software Architect Design Manager / Engineering Lifecycle Manager / Rhapsody Design Manager < 4.0.7 XSRF", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 3, "lastseen": "2017-10-29T13:36:41"}], "edition": 4, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "dafff5751bcf797899dde9bde251f0f9"}, {"key": "cvelist", "hash": "c8e530d74e74e05eb667b2ed1bc7849e"}, {"key": "cvss", "hash": "61a37396f8fc8545e5dc3fd73288ce16"}, {"key": "description", "hash": "dd084251f4f60863f051a7fd5f313220"}, {"key": "href", "hash": "71717586109ac8840ecbf83f35a060b1"}, {"key": "modified", "hash": "f5e850f1985da305c7f9475708cd4d52"}, {"key": "naslFamily", "hash": "f988dc6e0b4d047c838adcca890ea132"}, {"key": "pluginID", "hash": "70b4d3e0b3d5c9c9869bf1fee1aebe19"}, {"key": "published", "hash": "c90883e2fad427222772b0ed7d5d7a49"}, {"key": "references", "hash": "4e37de7cba38c0cab02ae7742b376f1f"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "7195c073a0a1e9959cc792d0e1af29d3"}, {"key": "title", "hash": "74f40f6ff4b8eab922d9e2fcdfb1a527"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "fa27a9636bbe52c70a9818ab219fbfae77fb9ea21ff76753750cb2c7142f2213", "viewCount": 0, "enchantments": {"vulnersScore": 4.3}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79384);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/07/12 19:01:16\");\n\n script_cve_id(\"CVE-2014-3037\");\n script_bugtraq_id(69658);\n\n script_name(english:\"IBM Rational Software Architect Design Manager / Engineering Lifecycle Manager / Rhapsody Design Manager < 4.0.7 XSRF\");\n script_summary(english:\"Checks the version of RSA/RDM/RELM.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by a cross-site request forgery\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self reported version, the install of Rational\nEngineering Lifecycle Manager, Rational Software Architect Design\nManager, and/or Rhapsody Design Manager on the remote host is affected\nby a cross-site request forgery in the IBM Configuration Management\nApplication (VVC) component due to improper validation of\nuser-supplied data. An attacker can exploit this vulnerability by\nconvincing an authenticated user to visit a malicious website and\nhijacking the authentication via a malformed HTTP request, allowing\nthe attacker to perform cross-site scripting attacks, web cache\npoisoning, and other malicious activities.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21682120\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM Rational Software Architect Design Manager /\nEngineering Lifecycle Manager / Rhapsody Design Manager version 4.0.7,\n5.0.1, or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:rational_software_architect_design_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:rational_rhapsody_design_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:rational_engineering_lifecycle_manager\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ibm_enum_products.nbin\");\n script_require_ports(\n \"installed_sw/Design Management for IBM Rational Software Architect\",\n \"installed_sw/Design Management for IBM Rational Rhapsody\",\n \"installed_sw/Rational Engineering Lifecycle Manager\"\n );\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nvuln_matrix = make_array(\n \"Design Management for IBM Rational Software Architect\", make_list(\n \"3.0\",\n \"3.0.0.1000\",\n \"3.0.1000\",\n \"4.0\",\n \"4.0.1000\",\n \"4.0.2000\",\n \"4.0.3000\",\n \"4.0.4000\",\n \"4.0.5000\",\n \"4.0.6000\",\n \"5.0\"\n ),\n \"Design Management for IBM Rational Rhapsody\", make_list(\n \"3.0\",\n \"3.0.0.1000\",\n \"3.0.1000\",\n \"4.0\",\n \"4.0.1000\",\n \"4.0.2000\",\n \"4.0.3000\",\n \"4.0.4000\",\n \"4.0.5000\",\n \"4.0.6000\",\n \"5.0\"\n ),\n \"Rational Engineering Lifecycle Manager\", make_list(\n \"1.0\",\n \"1.0.0.1000\",\n \"4.0.3000\",\n \"4.0.4000\",\n \"4.0.5000\",\n \"4.0.6000\",\n \"5.0\"\n )\n);\n\n# Check each product in a different thread\napp_name = branch(\n make_list(\n \"Design Management for IBM Rational Software Architect\",\n \"Design Management for IBM Rational Rhapsody\",\n \"Rational Engineering Lifecycle Manager\"\n )\n);\n\ninstall = get_single_install(app_name:app_name);\npath = install['path'];\nversion = install['version'];\n\nfix = \"4.0.7000 / 5.0.1000\";\n\nvuln = FALSE;\nforeach vuln_version (vuln_matrix[app_name])\n{\n if (ver_compare(ver:version, fix:vuln_version, strict:FALSE) == 0)\n {\n vuln = TRUE;\n break;\n }\n}\n\nif (vuln)\n{\n port = 0;\n set_kb_item(name:'www/'+port+'/XSRF', value:TRUE);\n if (report_verbosity > 0)\n {\n report =\n '\\n Application : ' + app_name +\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n\n security_warning(extra:report, port:port);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, path);\n", "naslFamily": "Misc.", "pluginID": "79384", "cpe": ["cpe:/a:ibm:rational_rhapsody_design_manager", "cpe:/a:ibm:rational_software_architect_design_manager", "cpe:/a:ibm:rational_engineering_lifecycle_manager"]}
{"result": {"cve": [{"id": "CVE-2014-3037", "type": "cve", "title": "CVE-2014-3037", "description": "Cross-site request forgery (CSRF) vulnerability in IBM Configuration Management Application (aka VVC) in IBM Rational Engineering Lifecycle Manager before 4.0.7 and 5.x before 5.0.1, Rational Software Architect Design Manager before 4.0.7 and 5.x before 5.0.1, and Rational Rhapsody Design Manager before 4.0.7 and 5.x before 5.0.1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.", "published": "2014-09-10T06:55:07", "cvss": {"score": 6.0, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3037", "cvelist": ["CVE-2014-3037"], "lastseen": "2017-08-29T10:48:14"}]}}
