History: Jun 17, 2018 - 2:40 p.m.

Security Bulletin: TADDM – Security improvement: BIRT-Report Viewer application vulnerable to directory traversal attack.

2018-06-17 14:40:58
www.ibm.com
9

EPSS: 0.001

Percentile: 43.7%

Summary

A TADDM security improvement, deployed starting with TADDM 7.2.1.5 and in TADDM 7.2.2, removes a vulnerability in the embedded TADDM BIRT-Report Viewer application.

Vulnerability Details

CVE-2013-3004
Description
The BIRT-Report Viewer application component embedded in TADDM was found to be vulnerable to a directory traversal attack that allows arbitrary files to be read from the underlying server.

CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/84145> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:P/I:N/A:N)

Affected Products and Versions

TADDM 7.1.2, 7.2.0.0 through 7.2.1.4 (later TADDM releases contain a parameter that allows BIRT-Report to be disabled)

Remediation/Fixes

Upgrade to TADDM 7.2.1.5 or 7.2.2.0.
Starting with TADDM versions 7.2.1.5 and 7.2.2.0, a $COLLATION_HOME/dist/collation.properties value has been added to disable BIRT reports:
com.ibm.taddm.birtviewer.enabled=false (default is true)
This parameter change requires a restart of the TADDM server.
If you are unable to upgrade, apply the workaround below, or contact IBM Support.

Workarounds and Mitigations

1. Stop the TADDM server.
2. Remove (or back up) $COLLATION_HOME/dist/deploy-tomcat/birt-viewer and the $COLLATION_HOME/external/apache-tomcat-x.x.xx/work/Catalina/localhost directory.
3. Start the TADDM server.
4. Data Management Portal users will not be able to run BIRT reports.
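The following POSIX shell script is an added example, not part of the IBM bulletin and not IBM's code. It verifies, on a TADDM host, that one of the two controls described above is in place: either the com.ibm.taddm.birtviewer.enabled property in $COLLATION_HOME/dist/collation.properties is explicitly set to false (the fix available from 7.2.1.5 / 7.2.2.0, where the bulletin states the default is true), or the birt-viewer webapp has been removed from $COLLATION_HOME/dist/deploy-tomcat as in the workaround. The directory layout is taken from the bulletin; the function make_sample_home and the sample installs it builds under a temporary directory are constructed for demonstration and are an assumption, not a real TADDM install.

```shell
#!/bin/sh
# Added example (not IBM's code): check whether a TADDM install still exposes the
# BIRT-Report Viewer, using the two controls named in the bulletin:
#   1. com.ibm.taddm.birtviewer.enabled=false in $COLLATION_HOME/dist/collation.properties
#      (TADDM 7.2.1.5 / 7.2.2.0 and later; the bulletin says the default is true)
#   2. absence of $COLLATION_HOME/dist/deploy-tomcat/birt-viewer (the workaround)
# The COLLATION_HOME layout comes from the bulletin; make_sample_home builds a
# constructed, throw-away layout for demonstration only.

# Returns 0 when the properties file explicitly disables the viewer, 1 otherwise.
# A missing file, a missing key, or any value other than "false" counts as
# enabled, matching the stated default of true.
birt_viewer_disabled_in() {
    props="$1"
    [ -f "$props" ] || return 1
    # Ignore comment lines, tolerate spaces around '=', last assignment wins.
    val=$(grep -v '^[[:space:]]*#' "$props" \
        | sed -n 's/^[[:space:]]*com\.ibm\.taddm\.birtviewer\.enabled[[:space:]]*=\(.*\)$/\1/p' \
        | tail -n 1 \
        | tr -d '[:space:]')
    [ "$val" = "false" ]
}

# Returns 0 when the birt-viewer webapp is no longer deployed under deploy-tomcat.
birt_viewer_removed_from() {
    [ ! -d "$1/dist/deploy-tomcat/birt-viewer" ]
}

# Prints a verdict for an install rooted at COLLATION_HOME. Returns 0 if either
# control is in place (viewer disabled or removed), 1 if the viewer is still exposed.
taddm_birt_exposure_check() {
    root="$1"
    if birt_viewer_disabled_in "$root/dist/collation.properties"; then
        echo "OK: BIRT viewer disabled via collation.properties in $root"
        return 0
    fi
    if birt_viewer_removed_from "$root"; then
        echo "OK: birt-viewer webapp not deployed in $root"
        return 0
    fi
    echo "EXPOSED: birt-viewer deployed and not disabled in $root"
    return 1
}

# Constructed sample COLLATION_HOME under a temp dir (demonstration only).
# $1 = "true" | "false" | "absent"  -> value of the property, or no key at all
# $2 = "deployed" | "removed"       -> whether dist/deploy-tomcat/birt-viewer exists
make_sample_home() {
    sample=$(mktemp -d)
    mkdir -p "$sample/dist/deploy-tomcat"
    echo "# constructed sample collation.properties" > "$sample/dist/collation.properties"
    [ "$1" = "absent" ] || echo "com.ibm.taddm.birtviewer.enabled = $1" >> "$sample/dist/collation.properties"
    [ "$2" = "removed" ] || mkdir -p "$sample/dist/deploy-tomcat/birt-viewer"
    echo "$sample"
}

# Demonstration over constructed installs. On a real host, drop this loop and
# run: taddm_birt_exposure_check "$COLLATION_HOME"
for scenario in "false deployed" "absent deployed" "true removed" "true deployed"; do
    set -- $scenario
    demo_home=$(make_sample_home "$1" "$2")
    taddm_birt_exposure_check "$demo_home" || true
    rm -rf "$demo_home"
done
```

The check deliberately treats an absent key as enabled, because the bulletin states the default is true; a host that only upgraded without setting the property, and still has the webapp deployed, is reported as exposed.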
