|
Systems Affected
- Red Hat Enterprise Linux Server 5
- Red Hat Enterprise Linux WS/Desktop 5
- Red Hat Enterprise Linux Server 6
- Red Hat Enterprise Linux WS/Desktop 6
Threat Level
Overview
IBM SmartCloud Analytics - Log Analysis bundles ITM component (ax IBM Tivoli Monitoring Shared Libraries, version 6.2.2 FP9). Five vulnerabilities have been discovered in this ITM Component.
Description
Tivoli Monitoring internal web server can be driven by a commonly available command (wget) to forward an http request to another server via this affected component without being recorded.
Impact
- Cross-site Scripting -- Remote with User Interaction
- Denial of Service -- Remote with User Interaction
- Provide Misleading Information -- Remote with User Interaction
Solution/ Workarounds
Patch/Upgrade
References
http://www-01.ibm.com/support/docview.wss?uid=swg21651226
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
|
