Risk: Low
Patch available: Yes
Number of vulnerabilities: 1
CVE-ID: CVE-2020-1954
CWE-ID: CWE-300
Exploitation vector: Local network
Public exploit: N/A
Vulnerable software: IBM TRIRIGA Application Platform (Server applications / SCADA systems)
Vendor: IBM Corporation
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU26530
Risk: Low
CVSSv3.1: 6.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1954
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a man-in-the-middle (MitM) attack.
The vulnerability exists in the JMX Integration when the "createMBServerConnectorFactory" property of the default InstrumentationManagerImpl is not disabled. A remote attacker on the same host can perform a man-in-the-middle attack and gain access to all of the information that is sent and received over JMX.
Mitigation
Install update from vendor's website.
Vulnerable software versions
IBM TRIRIGA Application Platform: before 4.1.1
CPE2.3
http://www.ibm.com/blogs/psirt/security-bulletinibm-tririga-application-platform-discloses-cve-2020-1954/
http://www.ibm.com/support/pages/node/6616295
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.