10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
6.6 Medium
AI Score
Confidence
Low
0.964 High
EPSS
Percentile
99.6%
IBM Operations Analytics Predictive Insights uses Apache ActiveMQ software, as a core module in processing analytics data. The vulnerability (CVE-2023-46604) found in Apache ActiveMQ could be exploited to download and infect Linux systems with the Kinsing malware. This bulletin identifies the steps to take to address the vulnerability.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM Operations Analytics Predictive Insights | 1.3.6 |
See the following link for details of the vulnerability addressed by this procedure.
<https://activemq.apache.org/news/cve-2023-46604>
Step One: If not applied already, apply Predictive Insights 1.3.6 Interim Fix 7
Note: Installation of iFix 7 is a requirement. iFix7 can be found in IBM FixCentral: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Tivoli/IBM+SmartCloud+Analyticsยฑ+Predictive+Insights&release=1.3.6
Step Two: Apply the required FixPack 20 on JazzSM 1.1.3
JazzSM 1.1.3.20 can be found in IBM Fix Central here: https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm%7ETivoli&product=ibm/Tivoli/Jazz+for+Service+Management&release=All&platform=All&function=fixId&fixids=1.1.3-TIV-JazzSM-multi-FP020&includeRequisites=1&includeSupersedes=0&downloadMethod=http
_Please consider the following supporting README doc file <https://www.ibm.com/support/pages/node/7083923> _
Step Three: Copy the latest version of Apache ActiveMQ jar files from JazzSM FP20 to the Predictive Insights UI server profile /lib directory.
A. Stop Predictive Insights UI server: /home/scadmin/IBM/scanalytics/UI/bin/pi.sh -stop
B. Copy activemq jars from JazzSM FP20 install to Predictive Insights piserver Liberty profile:
_cp /opt/IBM/JazzSM/profile/installedApps/JazzSMNode01Cell/isc.ear/activemq-all-5.16.7.jar /opt/IBM/scanalytics/UI/wlp/usr/servers/piserver/apps/com.ibm.tivoli.rest.ear/lib/ _
cp /opt/IBM/JazzSM/profile/installedApps/JazzSMNode01Cell/isc.ear/activemq-web-5.16.7.jar /opt/IBM/scanalytics/UI/wlp/usr/servers/piserver/apps/com.ibm.tivoli.rest.ear/lib/
C. Remove (/move) the older versions:
mv /opt/IBM/scanalytics/UI/wlp/usr/servers/piserver/apps/com.ibm.tivoli.rest.ear/lib/activemq-all-5.16.4.jar ~/ mv /opt/IBM/scanalytics/UI/wlp/usr/servers/piserver/apps/com.ibm.tivoli.rest.ear/lib/activemq-web-5.16.4.jar ~/
D. Start the Predictive Insights UI server: /opt/IBM/scanalytics/UI/bin/pi.sh -start --clean
Done
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm operations analytics predictive insights | eq | 1.3.6 |
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
6.6 Medium
AI Score
Confidence
Low
0.964 High
EPSS
Percentile
99.6%