History: Aug 26, 2022 - 9:28 a.m.

Security Bulletin: Custom "Execution States" names on IBM Engineering Test Management TCER pages are vulnerable to XSS ( CVE-2021-38934 )

Source: www.ibm.com
Tags: ibm engineering test management, cross-site scripting, vulnerability, rqm 6.0.6.1, etm 7.0.1, etm 7.0.2

CVSS3 base score: 5.4

| Metric | Value |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality Impact | LOW |
| Integrity Impact | LOW |
| Availability Impact | NONE |

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS: 0.001 (Percentile: 19.6%)

Summary

ETM allows the names of “Execution States” to be customized. Custom names are not encoded when they are displayed on the “Test Cases Execution Records” (TCER) pages, so a name that contains an XSS payload is rendered as markup and its JavaScript code executes in the viewing user's browser. This is classified as “CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)”.
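As an added illustration (not IBM's code and not ETM's internal rendering logic), the unencoded pattern the summary describes beside its HTML-encoded form, plus an audit helper that flags configured state names carrying markup characters; the record shape and the state names are constructed assumptions:

```javascript
// Added example, not IBM's code: HTML-encode custom "Execution States" names
// before placing them in TCER page markup. Record shape and names are constructed.

const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Encode the five characters that can break out of an HTML text or attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Unencoded pattern (the CWE-79 condition): the custom state name is concatenated
// into the page unchanged, so any markup inside the name becomes part of the DOM.
function renderTcerRowUnsafe(record) {
  return `<tr><td>${record.testCase}</td><td class="state">${record.state}</td></tr>`;
}

// Encoded pattern: every untrusted value is escaped for the HTML text context,
// so the name is shown literally and never parsed as markup.
function renderTcerRowSafe(record) {
  return `<tr><td>${escapeHtml(record.testCase)}</td><td class="state">${escapeHtml(record.state)}</td></tr>`;
}

// Audit helper for administrators of a not-yet-upgraded deployment: list any
// configured state names that contain markup-significant characters.
function findSuspiciousStateNames(stateNames) {
  return stateNames.filter((name) => /[<>"'&]/.test(name));
}

// Constructed sample data: two ordinary states and one whose name carries markup.
const SAMPLE_STATES = ["Passed", "Blocked", "Deferred <script>x()</script>"];
const SAMPLE_RECORD = { testCase: "TC-42 login flow", state: SAMPLE_STATES[2] };
```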

Vulnerability Details

CVEID: CVE-2021-38934
**DESCRIPTION:** IBM Engineering Test Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 5.4
CVSS Temporal Score: see https://exchange.xforce.ibmcloud.com/vulnerabilities/210671 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

Affected Products and Versions

| Affected Product(s) | Version(s) |
|---|---|
| Rational Quality Manager (RQM) | 6.0.6.1 |
| Engineering Test Management (ETM) | 7.0.1 |
| ETM | 7.0.2 |
| RQM | 6.0.6 |
| ETM | 7.0.0 |

Remediation/Fixes

IBM strongly recommends addressing the vulnerability now by upgrading to the following IBM Engineering Test Management releases or any later version:

Workarounds and Mitigations

None

Affected configurations

| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | engineering_test_management | 7.0 | cpe:2.3:a:ibm:engineering_test_management:7.0:*:*:*:*:*:*:* |
| ibm | engineering_test_management | 7.0.1 | cpe:2.3:a:ibm:engineering_test_management:7.0.1:*:*:*:*:*:*:* |
| ibm | engineering_test_management | 7.0.2 | cpe:2.3:a:ibm:engineering_test_management:7.0.2:*:*:*:*:*:*:* |
| ibm | rational_quality_manager | 6.0.6 | cpe:2.3:a:ibm:rational_quality_manager:6.0.6:*:*:*:*:*:*:* |
| ibm | rational_quality_manager | 6.0.6.1 | cpe:2.3:a:ibm:rational_quality_manager:6.0.6.1:*:*:*:*:*:*:* |

