SAINT Corporation, SAINT:4323BB9E55DCFF792582CDFE8B06FEAC
History: May 25, 2010 - 12:00 a.m.

IBM Cognos Express Server Backdoor Account Remote Code Execution

2010-05-25 00:00:00
SAINT Corporation
download.saintcorporation.com

CVSS2: 7.5 High

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.006 Low (percentile 79.1%)

Added: 05/25/2010
CVE: CVE-2010-0557
BID: 38084
OSVDB: 62118

Background

IBM Cognos Express is an integrated business intelligence (BI) and planning solution which delivers the essential reporting, analysis, dashboard, scorecard, planning, budgeting and forecasting capabilities that midsize companies need.

Problem

The vulnerability is due to a hard-coded user account, with manager-level permissions, installed by default in the user configuration of the Apache Tomcat instance bundled with Cognos Express. The Tomcat Manager application is reachable on port 19300/TCP, so a remote attacker who knows these credentials needs no other authentication: they can log in to the Manager, deploy a malicious web application (WAR) and have it execute arbitrary code with the privileges of the Tomcat server process. On Windows systems, Cognos Express runs Tomcat as SYSTEM, so a successful exploit yields full control of the host.
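A practitioner will want a non-destructive way to confirm the exposure before relying on a scanner signature. The script below is an added example, not SAINT's exploit module and not IBM code: it sends only the Tomcat Manager's read-only `list` command with an operator-supplied credential and reports whether the Manager accepted it (the advisory does not print the hard-coded credentials, so they are an input, not a constant). It assumes the Manager's plain-text command interface, which on Tomcat 5.5/6.x is at `/manager/list` and on Tomcat 7+ at `/manager/text/list`, reachable over plain HTTP on the port the advisory names; the sample response embedded for offline parsing is constructed, not captured from a Cognos host.

```python
#!/usr/bin/env python3
"""Probe a Tomcat Manager for a credential that grants manager access.

Added example (not SAINT's exploit code). Only the read-only 'list' command
is sent, so nothing is deployed. Credentials, host and port are supplied by
the operator; nothing here encodes the Cognos account itself.
"""
import base64
import http.client
import sys

# Candidate paths for the Manager text interface (Tomcat 5.5/6.x, then 7+).
MANAGER_LIST_PATHS = ("/manager/list", "/manager/text/list")

# Constructed sample of a successful Tomcat 6 'list' response (not captured
# from a real Cognos Express host); lets the parsing logic run offline.
SAMPLE_LIST_RESPONSE = (
    "OK - Listed applications for virtual host localhost\n"
    "/:running:0:ROOT\n"
    "/manager:running:1:manager\n"
    "/host-manager:running:0:host-manager\n"
)


def basic_auth_header(username: str, password: str) -> str:
    """Build the HTTP Basic Authorization value the Manager's realm expects."""
    token = base64.b64encode(f"{username}:{password}".encode("utf-8")).decode("ascii")
    return "Basic " + token


def classify_manager_response(status: int, body: str) -> str:
    """Map a Manager response to a verdict.

    'accepted'  - credential authenticated and the Manager ran the command
    'forbidden' - authenticated but not authorized (no manager role, or the
                  Manager's remote-address filter rejected the client)
    'rejected'  - 401: wrong credential or a different realm
    'absent'    - 404: no Manager application at this path
    'unknown'   - anything else (proxy page, redirect, server error)
    """
    if status == 401:
        return "rejected"
    if status == 403:
        return "forbidden"
    if status == 404:
        return "absent"
    # Manager text responses start with "OK - " or "FAIL - "; either means
    # the request passed authentication and reached the Manager servlet.
    if status == 200 and (body.startswith("OK - ") or body.startswith("FAIL - ")):
        return "accepted"
    return "unknown"


def parse_listed_apps(body: str) -> list:
    """Parse the 'path:state:sessions:docBase' lines after the OK header."""
    apps = []
    for line in body.splitlines()[1:]:
        parts = line.strip().split(":")
        if len(parts) < 4:
            continue  # blank or unexpected line
        apps.append({
            "path": parts[0],
            "state": parts[1],
            "sessions": int(parts[2]),
            # docBase may itself contain ':' (Windows drive letters), so rejoin.
            "docbase": ":".join(parts[3:]),
        })
    return apps


def probe_manager(host: str, port: int, username: str, password: str,
                  timeout: float = 5.0) -> tuple:
    """Try each Manager path with the credential; return (verdict, apps)."""
    headers = {"Authorization": basic_auth_header(username, password),
               "User-Agent": "tomcat-manager-check"}
    for path in MANAGER_LIST_PATHS:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        try:
            conn.request("GET", path, headers=headers)
            resp = conn.getresponse()
            status = resp.status
            body = resp.read().decode("utf-8", errors="replace")
        finally:
            conn.close()
        verdict = classify_manager_response(status, body)
        if verdict == "absent":
            continue  # try the other path layout before giving up
        return verdict, (parse_listed_apps(body) if verdict == "accepted" else [])
    return "absent", []


if __name__ == "__main__":
    if len(sys.argv) != 5:
        sys.exit(f"usage: {sys.argv[0]} HOST PORT USERNAME PASSWORD")
    host, port, user, pw = sys.argv[1], int(sys.argv[2]), sys.argv[3], sys.argv[4]
    verdict, apps = probe_manager(host, port, user, pw)
    print(f"{host}:{port} -> {verdict}")
    if verdict == "accepted":
        # A credential that can list applications can also use the Manager's
        # deploy command, which is the exploit path the advisory describes.
        print("VULNERABLE: credential grants Tomcat Manager access; deployed apps:")
        for app in apps:
            print(f"  {app['path']:<20} {app['state']:<8} docBase={app['docbase']}")
```

Run it as `check.py <host> 19300 <user> <password>`; an `accepted` verdict is the finding, since the same credential that lists contexts can deploy one. A `forbidden` result is worth noting separately: it usually means the account exists but the Manager's remote-address filter or role mapping is blocking the client, which is a mitigation but not a fix for the hard-coded account.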

Resolution

Follow the directions in the IBM Advisory SWG21419179.

References

http://secunia.com/advisories/38457/

Limitations

Exploit works on IBM Cognos Express 9.0.

Platforms

Windows
