Multiple vulnerabilities in IBM Intelligent Operations Center (IOC)
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2017-12626 CVE-2017-1262 |
| CWE-ID | CWE-835 CWE-113 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
IBM Intelligent Operations Center Server applications / Other server solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Infinite loop
EUVDB-ID: #VU12842
Risk: Low
CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-12626
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to infinite loops while parsing specially crafted WMF, EMF, MSG and macros and out of Memory exceptions while parsing specially crafted DOC, PPT and XLS. A remote attacker can cause the service to crash.
Install update from vendor's website.
Vulnerable software versionsIBM Intelligent Operations Center: 5.1.0 - 5.2.3
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.1.0.3:*:*:*:*:*:*:*
http://www.ibm.com/support/pages/node/7030920
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) HTTP response splitting
EUVDB-ID: #VU80740
Risk: Medium
CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-1262
CWE-ID:
CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform HTTP splitting attacks.
The vulnerability exists due to software does not correclty process CRLF character sequences. A remote attacker can send specially crafted request containing CRLF sequence and make the application to send a split HTTP response.
Successful exploitation of the vulnerability may allow an attacker perform cache poisoning attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM Intelligent Operations Center: 5.1.0 - 5.2.3
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_intelligent_operations_center:5.1.0.3:*:*:*:*:*:*:*
http://www.ibm.com/support/pages/node/7030920
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
