
47 matches found

securityvulns
added 2014/10/16 12:0 a.m. | 36 views

IBM Algorithmics RICOS multiple security vulnerabilities

Information leakage, cross-site scripting, CSRF, privilege escalation, unauthorized access...

CVSS 6.8 | AI score 2.8 | EPSS 0.18523
Exploits: 8 | References: 1 | Affected Software: 1

securityvulns
added 2014/10/16 12:0 a.m. | 58 views

SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory 20140630-0 ======================================================================= title: Multiple severe vulnerabilities product: IBM Algorithmics RICOS vulnerable version: 4.5.0 - 4.7.0 fixed version:...

CVSS 6.8 | AI score 0.3 | EPSS 0.18523
Exploits: 8

seebug.org
added 2014/08/26 12:0 a.m. | 17 views

IBM-Algorithmics-RICOS 4.7.0 /ricos470/Executer information disclosure vulnerability

No description provided by source...

AI score 7.1
Exploits: 0

NVD
added 2014/07/07 11:1 a.m. | 15 views

CVE-2014-0866

RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics sends cleartext credentials over HTTP, which allows remote attackers to obtain sensitive information by sniffing the network...

CVSS 4.3 | AI score 5.9 | EPSS 0.18523
Exploits: 5 | References: 6

NVD
added 2014/07/07 11:1 a.m. | 10 views

CVE-2014-0870

Multiple cross-site scripting (XSS) vulnerabilities in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allow remote attackers to inject arbitrary web script or HTML via (1) the Message parameter to rcore6/main/showerror.jsp, (2) the ButtonsetClass...

CVSS 4.3 | AI score 5.5 | EPSS 0.09403
Exploits: 6 | References: 7

NVD
added 2014/07/07 11:1 a.m. | 10 views

CVE-2014-0864

Multiple cross-site request forgery (CSRF) vulnerabilities in Executer in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allow remote attackers to hijack the authentication of arbitrary users for requests that change (1) a deal's currency or (2) a...

CVSS 6.8 | AI score 7 | EPSS 0.03679
Exploits: 6 | References: 7

NVD
added 2014/07/07 11:1 a.m. | 9 views

CVE-2014-0867

rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to create or modify cookies via the query string...

CVSS 5.8 | AI score 6.3 | EPSS 0.1545
Exploits: 5 | References: 6

NVD
added 2014/07/07 11:1 a.m. | 10 views

CVE-2014-0865

RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via crafted serialized objects, as demonstrated by limi...

CVSS 4.9 | AI score 5.9 | EPSS 0.08481
Exploits: 5 | References: 7

Prion
added 2014/07/07 11:1 a.m. | 16 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allow remote attackers to inject arbitrary web script or HTML via (1) the Message parameter to rcore6/main/showerror.jsp, (2) the ButtonsetClass...

CVSS 4.3 | AI score 5.8 | EPSS 0.09403
Exploits: 6 | References: 7 | Affected Software: 1

Prion
added 2014/07/07 11:1 a.m. | 14 views

Design/Logic Flaw

RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows context-dependent attackers to discover database credentials by reading the DbUser and DbPass fields in an XML document...

CVSS 3.5 | AI score 6.7 | EPSS 0.11892
Exploits: 6 | References: 7 | Affected Software: 1

Prion
added 2014/07/07 11:1 a.m. | 11 views

Information disclosure

RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI, as demonstrated by the \x00 character...

CVSS 4.3 | AI score 6.4 | EPSS 0.15752
Exploits: 5 | References: 7 | Affected Software: 1

Prion
added 2014/07/07 11:1 a.m. | 14 views

Design/Logic Flaw

rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to create or modify cookies via the query string...

CVSS 5.8 | AI score 6.9 | EPSS 0.1545
Exploits: 5 | References: 6 | Affected Software: 1

CVE
added 2014/07/07 10:0 a.m. | 55 views

CVE-2014-0865

CVE-2014-0865 affects IBM Algorithmics RICOS (Algo Credit Limits) Web/Fat-Client UI components. The vulnerability stems from the product relying on client-side input validation, allowing an authenticated user to bypass dual-control restrictions and modify data (e.g., limits) via crafted serialize...

CVSS 4.9 | AI score 6 | EPSS 0.08481
Exploits: 5 | References: 7 | Affected Software: 2

Cvelist
added 2014/07/07 10:0 a.m. | 22 views

CVE-2014-0870

Multiple cross-site scripting (XSS) vulnerabilities in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allow remote attackers to inject arbitrary web script or HTML via (1) the Message parameter to rcore6/main/showerror.jsp, (2) the ButtonsetClass...

AI score 5.5 | EPSS 0.09403
Exploits: 6 | References: 7

CVE
added 2014/07/07 10:0 a.m. | 45 views

CVE-2014-0871

CVE-2014-0871 affects IBM Algorithmics RICOS (ACLIM) versions 4.5.0–4.7.0. The issue allows information disclosure via Tomcat error messages that leak environment details, triggered by non-printing characters (e.g., 0x00) in a cookie to the /classes/ URI. IBM’s SEC Consult advisory and the IBM Se...

CVSS 4.3 | AI score 5.9 | EPSS 0.15752
Exploits: 5 | References: 7 | Affected Software: 2

CVE
added 2014/07/07 10:0 a.m. | 46 views

CVE-2014-0867

CVE-2014-0867 affects IBM Algo Credit Limits (RICOS) Web GUI, specifically rcore6/main/addcookie.jsp. The root cause is that a page in ACLM Web GUI could set/overwrite cookies for a user via manipulated links, enabling Cross-Site Cookie Setting. Affected versions are IBM Algo Credit Limits 4.5.0–...

CVSS 5.8 | AI score 6.4 | EPSS 0.1545
Exploits: 5 | References: 6 | Affected Software: 2

Cvelist
added 2014/07/07 10:0 a.m. | 20 views

CVE-2014-0871

RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI, as demonstrated by the \x00 character...

AI score 5.9 | EPSS 0.15752
Exploits: 5 | References: 7

Cvelist
added 2014/07/07 10:0 a.m. | 17 views

CVE-2014-0865

RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via crafted serialized objects, as demonstrated by limi...

AI score 5.9 | EPSS 0.08481
Exploits: 5 | References: 7

CVE
added 2014/07/07 10:0 a.m. | 54 views

CVE-2014-0864

CVE-2014-0864 concerns IBM Algo Credit Limits (RICOS) 4.5.0–4.7.0. A CSRF in the ACLM Web GUI allows remote attackers to hijack a victim’s session to perform tasks such as changing a deal’s currency or limits via a crafted request. Root cause per vendor advisories: the web GUI does not verify req...

CVSS 6.8 | AI score 7.1 | EPSS 0.03679
Exploits: 6 | References: 7 | Affected Software: 1

CVE
added 2014/07/07 10:0 a.m. | 51 views

CVE-2014-0894

Summary: CVE-2014-0894 affects IBM Algo Credit Limits (RICOS ACLM) versions 4.5.0–4.7.0. Affects ACLM Web GUI; root cause is disclosure of database credentials (DbUser/DbPass) in clear text within an XML document read by the GUI, enabling an attacker to connect to the backend database and manipul...

CVSS 3.5 | AI score 6.2 | EPSS 0.11892
Exploits: 6 | References: 7 | Affected Software: 2