ID

VAR-201201-0010


CVE

CVE-2011-1386


TITLE

IBM TFIM and TFIMBG vulnerability allowing bypass of intended authentication or authorization requirements

Trust: 0.8

sources: JVNDB: JVNDB-2011-003612

DESCRIPTION

IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1, 6.2.0, and 6.2.1 do not properly handle signature validations based on SAML 1.0, 1.1, and 2.0, which allows remote attackers to bypass intended authentication or authorization requirements via a non-conforming SAML signature.

IBM Tivoli Federated Identity Manager is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass the signature validation mechanism through a non-conforming SAML signature.

----------------------------------------------------------------------
TITLE:
IBM Tivoli Federated Identity Manager SAML Signature Validation Security Bypass

SECUNIA ADVISORY ID:
SA47218

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/47218/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=47218

RELEASE DATE:
2011-12-14

DESCRIPTION:
A vulnerability has been reported in IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway, which can be exploited by malicious people to bypass certain security restrictions.

Successful exploitation requires the use of SAML based protocols (SAML 1.0, 1.1, or 2.0) or Security Token Service modules.

The vulnerability is reported in versions 6.1.1, 6.2.0, and 6.2.1.

SOLUTION:
Update to version 6.1.1 Interim Fix 12, 6.2.0 Interim Fix 10, or 6.2.1 Fix Pack 2.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
IBM (IV10793, IV10801, IV10813):
http://www.ibm.com/support/docview.wss?uid=swg21575309
http://www.ibm.com/support/docview.wss?uid=swg24031351
http://www.ibm.com/support/docview.wss?uid=swg24031348
http://www.ibm.com/support/docview.wss?uid=swg24029500

IBM X-Force:
http://xforce.iss.net/xforce/xfdb/71686
----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2011-1386 // JVNDB: JVNDB-2011-003612 // BID: 51064 // VULHUB: VHN-49331 // PACKETSTORM: 107862

AFFECTED PRODUCTS

vendor: ibm | model: tivoli federated identity manager business gateway | scope: eq | version: 6.2.1

Trust: 2.7

vendor: ibm | model: tivoli federated identity manager business gateway | scope: eq | version: 6.1.1

Trust: 2.7

vendor: ibm | model: tivoli federated identity manager | scope: eq | version: 6.1.1

Trust: 2.4

vendor: ibm | model: tivoli federated identity manager | scope: eq | version: 6.2.0

Trust: 2.4

vendor: ibm | model: tivoli federated identity manager | scope: eq | version: 6.2.1

Trust: 2.4

vendor: ibm | model: tivoli federated identity manager business gateway | scope: eq | version: 6.2.0

Trust: 2.4

vendor: ibm | model: tivoli federated identity manager business gateway | scope: eq | version: 6.3

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager business gateway | scope: eq | version: 6.2.0.9

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager business gateway | scope: eq | version: 6.2.0.8

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager business gateway | scope: eq | version: 6.2.0.3

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager business gateway | scope: eq | version: 6.2.0.2

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager business gateway | scope: eq | version: 6.2.0.1

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager business gateway | scope: eq | version: 6.2

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager | scope: eq | version: 6.3

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager | scope: eq | version: 6.2.0.9

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager | scope: eq | version: 6.2.0.8

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager | scope: eq | version: 6.2.0.3

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager | scope: eq | version: 6.2.0.2

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager | scope: eq | version: 6.2.0.1

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager | scope: eq | version: 6.2

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager | scope: - | version: -

Trust: 0.3

vendor: ibm | model: federated identity manager | scope: eq | version: 6.2.1

Trust: 0.3

vendor: ibm | model: federated identity manager | scope: eq | version: 6.1.1

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager business gateway | scope: ne | version: 6.2.0.10

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager business gateway | scope: ne | version: 6.1.1.12

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager | scope: ne | version: 6.2.1.2

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager | scope: ne | version: 6.2.0.10

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager | scope: ne | version: 6.1.1.12

Trust: 0.3

vendor: ibm | model: tivoli federated identity manager business gateway | scope: ne | version: 6.2.1.2

Trust: 0.3

sources: BID: 51064 // JVNDB: JVNDB-2011-003612 // CNNVD: CNNVD-201112-238 // NVD: CVE-2011-1386

CVSS

SEVERITY

nvd@nist.gov: CVE-2011-1386
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-1386
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201112-238
value: MEDIUM

Trust: 0.6

VULHUB: VHN-49331
value: MEDIUM

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2011-1386
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-49331
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

sources: VULHUB: VHN-49331 // JVNDB: JVNDB-2011-003612 // CNNVD: CNNVD-201112-238 // NVD: CVE-2011-1386

PROBLEMTYPE DATA

problemtype: CWE-264

Trust: 1.9

sources: VULHUB: VHN-49331 // JVNDB: JVNDB-2011-003612 // NVD: CVE-2011-1386

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201112-238

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201112-238

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-003612

PATCH

title: 21575309 | url: http://www-01.ibm.com/support/docview.wss?uid=swg21575309

Trust: 0.8

title: 6.1.1-TIV-TFIM-IF0012 | url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42325

Trust: 0.6

title: 6.1.1-TIV-TFIM-FP0010 | url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42324

Trust: 0.6

title: 6.2.1-TIV-TFIM-FP0002 | url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42328

Trust: 0.6

title: 6.2.0-TIV-TFIM-IF0010 | url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42327

Trust: 0.6

title: 6.2.0-TIV-TFIM-FP0009 | url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=42326

Trust: 0.6

Trust: 0.6

sources: JVNDB: JVNDB-2011-003612 // CNNVD: CNNVD-201112-238

EXTERNAL IDS

db: NVD | id: CVE-2011-1386

Trust: 2.8

db: JVNDB | id: JVNDB-2011-003612

Trust: 0.8

db: SECUNIA | id: 47218

Trust: 0.8

db: CNNVD | id: CNNVD-201112-238

Trust: 0.7

db: XF | id: 71686

Trust: 0.7

db: AIXAPAR | id: IV10793

Trust: 0.6

db: AIXAPAR | id: IV10801

Trust: 0.6

db: AIXAPAR | id: IV10813

Trust: 0.6

db: NSFOCUS | id: 18347

Trust: 0.6

db: BID | id: 51064

Trust: 0.4

db: VULHUB | id: VHN-49331

Trust: 0.1

db: PACKETSTORM | id: 107862

Trust: 0.1

sources: VULHUB: VHN-49331 // BID: 51064 // JVNDB: JVNDB-2011-003612 // PACKETSTORM: 107862 // CNNVD: CNNVD-201112-238 // NVD: CVE-2011-1386

REFERENCES

url: http://www.ibm.com/support/docview.wss?uid=swg21575309

Trust: 2.1

url: http://www-01.ibm.com/support/docview.wss?uid=swg1iv10793

Trust: 1.7

url: http://www-01.ibm.com/support/docview.wss?uid=swg1iv10801

Trust: 1.7

url: http://www-01.ibm.com/support/docview.wss?uid=swg1iv10813

Trust: 1.7

url: https://exchange.xforce.ibmcloud.com/vulnerabilities/71686

Trust: 1.1

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1386

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1386

Trust: 0.8

url: http://xforce.iss.net/xforce/xfdb/71686

Trust: 0.7

url: http://secunia.com/advisories/47218

Trust: 0.6

url: http://www.nsfocus.net/vulndb/18347

Trust: 0.6

url: http://www.ibm.com/support/docview.wss?uid=swg24031351

Trust: 0.4

url: http://www.ibm.com/support/docview.wss?uid=swg24031348

Trust: 0.4

url: http://www.ibm.com/support/docview.wss?uid=swg24029500

Trust: 0.4

url: http://www.ibm.com

Trust: 0.3

url: http://secunia.com/advisories/47218/

Trust: 0.1

url: http://secunia.com/advisories/47218/#comments

Trust: 0.1

url: https://ca.secunia.com/?page=viewadvisory&vuln_id=47218

Trust: 0.1

url: http://secunia.com/company/jobs/

Trust: 0.1

url: http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url: http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url: http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url: http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url: http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url: http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: VULHUB: VHN-49331 // BID: 51064 // JVNDB: JVNDB-2011-003612 // PACKETSTORM: 107862 // CNNVD: CNNVD-201112-238 // NVD: CVE-2011-1386

CREDITS

Reported by the vendor.

Trust: 0.3

sources: BID: 51064

SOURCES

db: VULHUB | id: VHN-49331
db: BID | id: 51064
db: JVNDB | id: JVNDB-2011-003612
db: PACKETSTORM | id: 107862
db: CNNVD | id: CNNVD-201112-238
db: NVD | id: CVE-2011-1386

LAST UPDATE DATE

2024-11-23T22:39:14.848000+00:00


SOURCES UPDATE DATE

db: VULHUB | id: VHN-49331 | date: 2017-08-17T00:00:00
db: BID | id: 51064 | date: 2011-12-14T00:00:00
db: JVNDB | id: JVNDB-2011-003612 | date: 2012-01-06T00:00:00
db: CNNVD | id: CNNVD-201112-238 | date: 2012-01-06T00:00:00
db: NVD | id: CVE-2011-1386 | date: 2024-11-21T01:26:11.783

SOURCES RELEASE DATE

db: VULHUB | id: VHN-49331 | date: 2012-01-04T00:00:00
db: BID | id: 51064 | date: 2011-12-14T00:00:00
db: JVNDB | id: JVNDB-2011-003612 | date: 2012-01-06T00:00:00
db: PACKETSTORM | id: 107862 | date: 2011-12-14T04:40:21
db: CNNVD | id: CNNVD-201112-238 | date: 2011-12-16T00:00:00
db: NVD | id: CVE-2011-1386 | date: 2012-01-04T03:55:09.067