Multiple vulnerabilities in IBM ProtecTIER
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2016-2118 CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2115 |
| CWE-ID | CWE-300 CWE-400 CWE-290 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
ProtecTIER Entry Edition (PID 5639-PTC) - TS7610 / TS7620 Server applications / Other server solutions ProtecTIER Appliance Edition (PID 5639-PTB) - TS7650AP1 Server applications / Other server solutions ProtecTIER Enterprise Edition (PID 5639-PTA) - TS7650G Server applications / Other server solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Man-in-the-middle attack
EUVDB-ID: #VU241
Risk: High
CVSSv3.1: 6.2 [CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-2118
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain elevated privileges on the system.
The vulnerability exists due to the acceptance of inadequate authentication levels by the Microsoft Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) remote protocols. A remote attacker can gain elevated privileges on the system by using man-in-the-middle techniques to impersonate an authenticated user against the SAMR or LSAD service and gain access to the Security Account Manager (SAM) database.
Successful exploitation of this vulnerability may result in disclosere of sytem information.
Install update from vendor's website.
Vulnerable software versionsProtecTIER Entry Edition (PID 5639-PTC) - TS7610 / TS7620: All versions
ProtecTIER Appliance Edition (PID 5639-PTB) - TS7650AP1: All versions
ProtecTIER Enterprise Edition (PID 5639-PTA) - TS7650G: All versions
External linkshttp://www.ibm.com/support/pages/node/691257
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Resource exhaustion
EUVDB-ID: #VU234
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2015-5370
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper validation of DCE-RPC packets by the DCE-RPC client and server implementations. A remote attacker can downgrade a secure connection to an insecure one and consume a large amount of CPU resources by using man-in-the-middle techniques.
Successful exploitation of this vulnerability may result in a a denial of service.
Install update from vendor's website.
Vulnerable software versionsProtecTIER Entry Edition (PID 5639-PTC) - TS7610 / TS7620: All versions
ProtecTIER Appliance Edition (PID 5639-PTB) - TS7650AP1: All versions
ProtecTIER Enterprise Edition (PID 5639-PTA) - TS7650G: All versions
External linkshttp://www.ibm.com/support/pages/node/691257
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Man-in-the-middle attack
EUVDB-ID: #VU235
Risk: Medium
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-2110
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions.
The vulnerability exists due to the failure to protect the feature negotiation of NTLMSSP from a downgrade. A remote unauthenticated attacker can bypass security restrictions by using man-in-the-middle techniques to clear NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_SEAL flags and perform downgrade attacks.
Successful exploitation of this vulnerability may result in security restrictions bypass.
Install update from vendor's website.
Vulnerable software versionsProtecTIER Entry Edition (PID 5639-PTC) - TS7610 / TS7620: All versions
ProtecTIER Appliance Edition (PID 5639-PTB) - TS7650AP1: All versions
ProtecTIER Enterprise Edition (PID 5639-PTA) - TS7650G: All versions
External linkshttp://www.ibm.com/support/pages/node/691257
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Man-in-the-middle attack
EUVDB-ID: #VU236
Risk: Medium
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-2111
CWE-ID:
CWE-290 - Authentication Bypass by Spoofing
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to to conduct spoofing attacks.
The vulnerability exists due to an error in the NETLOGON service when a Domain Controller is configured. A remote unauthenticated attacker can conduct spoofing attacks by using a specially crafted application to connect to another domain joined system and access session-related information of the spoofed computer.
Successful exploitation of this vulnerability may result in disclosure of user information.
Install update from vendor's website.
Vulnerable software versionsProtecTIER Entry Edition (PID 5639-PTC) - TS7610 / TS7620: All versions
ProtecTIER Appliance Edition (PID 5639-PTB) - TS7650AP1: All versions
ProtecTIER Enterprise Edition (PID 5639-PTA) - TS7650G: All versions
External linkshttp://www.ibm.com/support/pages/node/691257
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Man-in-the-middle attack
EUVDB-ID: #VU237
Risk: Medium
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-2112
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions.
The vulnerability exists due to the failure to enforce integrity protection by the LDAP client and server. A remote unauthenticated attacker can bypass security restrictions by using man-in-the-middle techniques to downgrade LDAP connections.
Successful exploitation of this vulnerability may result in security restrictions bypass.
Install update from vendor's website.
Vulnerable software versionsProtecTIER Entry Edition (PID 5639-PTC) - TS7610 / TS7620: All versions
ProtecTIER Appliance Edition (PID 5639-PTB) - TS7650AP1: All versions
ProtecTIER Enterprise Edition (PID 5639-PTA) - TS7650G: All versions
External linkshttp://www.ibm.com/support/pages/node/691257
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Man-in-the-middle attack
EUVDB-ID: #VU240
Risk: Medium
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-2115
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to to bypass security restrictions.
The vulnerability exists due to the failure to protect the integrity of SMB client connections for IPC traffic. A remote unauthenticated attacker can bypass security restrictions by using man-in-the-middle techniques to perform unauthorized actions.
Successful exploitation of this vulnerability may result in security restrictions bypass.
Install update from vendor's website.
Vulnerable software versionsProtecTIER Entry Edition (PID 5639-PTC) - TS7610 / TS7620: All versions
ProtecTIER Appliance Edition (PID 5639-PTB) - TS7650AP1: All versions
ProtecTIER Enterprise Edition (PID 5639-PTA) - TS7650G: All versions
External linkshttp://www.ibm.com/support/pages/node/691257
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
