CVE-2014-6140

2014-12-0615:59:04

CWE-310

[email protected]

web.nvd.nist.gov

ibm

tivoli

endpoint manager

mobile device management

mdm

remote code execution

cve-2014-6140

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.5%

JSON

IBM Tivoli Endpoint Manager Mobile Device Management (MDM) before 9.0.60100 uses the same secret HMAC token across different customers’ installations, which allows remote attackers to execute arbitrary code via crafted marshalled Ruby objects in cookies to (1) Enrollment and Apple iOS Management Extender, (2) Self-service portal, (3) Trusted Services provider, or (4) Admin Portal.

Affected configurations

NVD

Node

ibmtivoli_endpoint_manager_mobile_device_managementRange≤9.0

CPENameOperatorVersion
ibm:tivoli_endpoint_manager_mobile_device_managementibm tivoli endpoint manager mobile device managementle9.0

CPE	Name	Operator	Version
ibm:tivoli_endpoint_manager_mobile_device_management	ibm tivoli endpoint manager mobile device management	le	9.0

References

packetstormsecurity.com/files/129349/IBM-Endpoint-Manager-For-Mobile-Devices-Code-Execution.html

seclists.org/fulldisclosure/2014/Dec/3

www-01.ibm.com/support/docview.wss?uid=swg21691701

www.securityfocus.com/archive/1/534131/100/0/threaded

www.securityfocus.com/bid/71424

www.securitytracker.com/id/1031306

www.redteam-pentesting.de/en/advisories/rt-sa-2014-012/-unauthenticated-remote-code-execution-in-ibm-endpoint-manager-mobile-device-management-components