IBM941BE6546248546895E985D918A392B54ED0C65B26F1D77CFD98B3C980077115Security Bulletin: Vulnerabilities in Tomcat affect Power Hardware Management Console (CVE-2013-4444, CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0227)
EPSS
Percentile
99.3%
Summary
Tomcat is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs.
Vulnerability Details
CVEID: CVE-2013-4444 Description: Apache Tomcat could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions by the File Upload feature. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious JSP, which could allow the attacker to execute arbitrary JSP code on the vulnerable system.
CVSS Base Score: 6.0
CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/95876 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:P/I:P/A:P)
CVEID: CVE-2014-0075 Description: Apache Tomcat is vulnerable to a denial of service, caused by the improper handling of a malformed chunk size as part of a chunked request. A remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/93365 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVEID: CVE-2014-0095 Description: Apache Tomcat is vulnerable to a denial of service, caused by the improper handling of an AJP request. A remote attacker could exploit this vulnerability to consume a request processing thread and cause a denial of service.
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/93366 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVEID: CVE-2014-0096 Description: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection (XXE) error when processing XML data by the default server. By sending specially-crafted XML data, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/93367 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVEID: CVE-2014-0099 Description: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to check for overflows when parsing content length headers. By sending specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/93369 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVEID: CVE-2014-0119 Description: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the replacement of the XML parsers used to process XSLTs for the default servlet. An attacker could exploit this vulnerability using a specially-crafted application to obtain sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/93368 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVEID: CVE-2014-0227 Description: Apache Tomcat is vulnerable to HTTP request smuggling. A remote attacker could send a specially-crafted request in a malformed chunked header to the Web server to cause multiple processing conflicts on the servers. An attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
CVSS Base Score: 4.300
CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/100751 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVE**-ID**:CVE-2014-0230 Description: Apache Tomcat is vulnerable to a denial of service, caused by an error when uploading files. An attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base Score: 5.000
CVSS Temporal Score: https://exchange.xforce.ibmcloud.com/#/vulnerabilities/102131 for current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Affected Products and Versions
Power HMC V7.7.3.0
Power HMC V7.7.8.0
Power HMC V7.7.9.0
Power HMC V8.1.0.0
Power HMC V8.2.0.0
Remediation/Fixes
The Following fixes are available on IBM Fix Central at <http://www-933.ibm.com/support/fixcentral/>
| Product | VRMF | APAR | Remediation/First Fix |
|---|---|---|---|
| Power HMC | V7.7.3.0 SP7 | MB03905 | Apply eFix MH01517 |
| Power HMC | V7.7.8.0 SP2 | MB03906 | Apply eFix MH01518 |
| Power HMC | V7.7.9.0 SP2 | MB03907 | Apply eFix MH01519 |
| Power HMC | V8.8.1.0 | MB03834 | Apply Service Pack MH01452 (SP2) |
| Power HMC | V8.8.2.0 SP1 | MB03910 | Apply eFix MH01521 |
Note:
1. For unsupported releases IBM recommends upgrading to a fixed, supported release of the product.
2. After applying the PTF, you should restart the HMC.
3. HMC V7.7.3 support is extended only for managing the Power 775 (9125-F2C) also called “PERCS” and “IH”. End Of Service date for managing all other server models was 2013.05.31.
Workarounds and Mitigations
None
Related
EPSS
Percentile
99.3%