Sign-up

ID

VAR-201301-0147


CVE

CVE-2012-6359


TITLE

IBM TFIM and TFIMBG In OpenID Vulnerability to forge provider data

Trust: 0.8

sources: JVNDB: JVNDB-2013-001217

DESCRIPTION

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.11, 6.2.1 before 6.2.1.3, and 6.2.2 before 6.2.2.2 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.11, 6.2.1 before 6.2.1.3, and 6.2.2 before 6.2.2.2 do not check whether an OpenID attribute is signed in the (1) SREG (aka simple registration extension) and (2) AX (aka attribute exchange extension) cases, which allows man-in-the-middle attackers to spoof OpenID provider data by inserting unsigned attributes. IBM Tivoli Federated Identity Manager is prone to a security-bypass vulnerability. Successful exploits will allow attackers to bypass certain security restrictions, which may aid in further attacks. The product provides web and federated single sign-on (SSO) capabilities to users across multiple applications. A man-in-the-middle attacker could exploit this vulnerability to spoof OpenID provider data by embedding unsigned attributes. ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Tivoli Federated Identity Manager OpenID Attribute Validation Bypass Vulnerability SECUNIA ADVISORY ID: SA51212 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51212/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51212 RELEASE DATE: 2012-11-05 DISCUSS ADVISORY: http://secunia.com/advisories/51212/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/51212/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=51212 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Tivoli Federated Identity Manager, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error when validating certain OpenID attributes and can be exploited to bypass the attribute validation mechanism via a specially crafted OpenID request. The vulnerability is reported in versions 6.2.0, 6.2.1, and 6.2.2. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (IV23451, IV23452, IV23453): http://www.ibm.com/support/docview.wss?uid=swg21615744 http://www.ibm.com/support/docview.wss?uid=swg21615748 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2012-6359 // JVNDB: JVNDB-2013-001217 // BID: 56390 // VULHUB: VHN-59640 // PACKETSTORM: 117881

AFFECTED PRODUCTS

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:eqversion:6.2.1

Trust: 1.9

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:eqversion:6.2.0.8

Trust: 1.6

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:eqversion:6.2.0.10

Trust: 1.6

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:eqversion:6.2.2

Trust: 1.6

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:eqversion:6.2.0

Trust: 1.6

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:eqversion:6.2.0.9

Trust: 1.6

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.2

Trust: 1.6

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:eqversion:6.2.0.3

Trust: 1.6

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:eqversion:6.2.0.1

Trust: 1.6

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:eqversion:6.2.0.2

Trust: 1.6

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.0.2

Trust: 1.0

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.1.2

Trust: 1.0

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.0.9

Trust: 1.0

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.0.3

Trust: 1.0

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.0.8

Trust: 1.0

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.1

Trust: 1.0

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.0.1

Trust: 1.0

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.0

Trust: 1.0

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.1.1

Trust: 1.0

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.0.10

Trust: 1.0

vendor:ibmmodel:tivoli federated identity managerscope:ltversion:6.2.1

Trust: 0.8

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:ltversion:6.2.0

Trust: 0.8

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:eqversion:6.2.0.11

Trust: 0.8

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:eqversion:6.2.1.3

Trust: 0.8

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:eqversion:6.2.2.2

Trust: 0.8

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:ltversion:6.2.1

Trust: 0.8

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.1.3

Trust: 0.8

vendor:ibmmodel:tivoli federated identity managerscope:ltversion:6.2.2

Trust: 0.8

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.0.11

Trust: 0.8

vendor:ibmmodel:tivoli federated identity managerscope:ltversion:6.2.0

Trust: 0.8

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:ltversion:6.2.2

Trust: 0.8

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2.2.2

Trust: 0.8

vendor:ibmmodel:tivoli federated identity manager business gatewayscope:eqversion:6.2

Trust: 0.3

vendor:ibmmodel:tivoli federated identity managerscope:eqversion:6.2

Trust: 0.3

sources: BID: 56390 // JVNDB: JVNDB-2013-001217 // CNNVD: CNNVD-201301-385 // NVD: CVE-2012-6359

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-6359
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-6359
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201301-385
value: MEDIUM

Trust: 0.6

VULHUB: VHN-59640
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2012-6359
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-59640
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-59640 // JVNDB: JVNDB-2013-001217 // CNNVD: CNNVD-201301-385 // NVD: CVE-2012-6359

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-59640 // JVNDB: JVNDB-2013-001217 // NVD: CVE-2012-6359

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201301-385

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201301-385

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-001217

PATCH
title:1615748url:http://www-01.ibm.com/support/docview.wss?uid=swg21615748
Trust: 0.8
title:1615744url:http://www-01.ibm.com/support/docview.wss?uid=swg21615744
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-001217

EXTERNAL IDS
db:NVDid:CVE-2012-6359
Trust: 2.8
db:BIDid:56390
Trust: 1.4
db:SECUNIAid:51212
Trust: 1.2
db:JVNDBid:JVNDB-2013-001217
Trust: 0.8
db:CNNVDid:CNNVD-201301-385
Trust: 0.7
db:AIXAPARid:IV23453
Trust: 0.6
db:AIXAPARid:IV23451
Trust: 0.6
db:AIXAPARid:IV23452
Trust: 0.6
db:XFid:77790
Trust: 0.6
db:VULHUBid:VHN-59640
Trust: 0.1
db:PACKETSTORMid:117881
Trust: 0.1
sources:
            
            
            VULHUB: VHN-59640 // 
            
            
            
            BID: 56390 // 
            
            
            
            JVNDB: JVNDB-2013-001217 // 
            
            
            
            PACKETSTORM: 117881 // 
            
            
            
            CNNVD: CNNVD-201301-385 // 
            
            
            
            NVD: CVE-2012-6359

REFERENCES
url:http://www-01.ibm.com/support/docview.wss?uid=swg1iv23451
Trust: 1.7
url:http://www-01.ibm.com/support/docview.wss?uid=swg1iv23452
Trust: 1.7
url:http://www-01.ibm.com/support/docview.wss?uid=swg1iv23453
Trust: 1.7
url:http://www-01.ibm.com/support/docview.wss?uid=swg21615744
Trust: 1.7
url:http://www-01.ibm.com/support/docview.wss?uid=swg21615748
Trust: 1.7
url:http://www.securityfocus.com/bid/56390
Trust: 1.1
url:http://secunia.com/advisories/51212
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/77790
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-6359
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-6359
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/77790
Trust: 0.6
url:http://www.ibm.com
Trust: 0.3
url:http://secunia.com/advisories/51212/
Trust: 0.1
url:http://secunia.com/vulnerability_intelligence/
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=51212
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://www.ibm.com/support/docview.wss?uid=swg21615744
Trust: 0.1
url:http://www.ibm.com/support/docview.wss?uid=swg21615748
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/blog/325/
Trust: 0.1
url:http://secunia.com/advisories/51212/#comments
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-59640 // 
            
            
            
            BID: 56390 // 
            
            
            
            JVNDB: JVNDB-2013-001217 // 
            
            
            
            PACKETSTORM: 117881 // 
            
            
            
            CNNVD: CNNVD-201301-385 // 
            
            
            
            NVD: CVE-2012-6359

CREDITS
Reported by the vendor.
Trust: 0.3
sources:
            
            
            BID: 56390

SOURCES
db:VULHUBid:VHN-59640
db:BIDid:56390
db:JVNDBid:JVNDB-2013-001217
db:PACKETSTORMid:117881
db:CNNVDid:CNNVD-201301-385
db:NVDid:CVE-2012-6359

LAST UPDATE DATE
2024-11-23T22:31:28.560000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-59640date:2017-08-29T00:00:00
db:BIDid:56390date:2013-01-22T12:10:00
db:JVNDBid:JVNDB-2013-001217date:2013-01-22T00:00:00
db:CNNVDid:CNNVD-201301-385date:2013-01-23T00:00:00
db:NVDid:CVE-2012-6359date:2024-11-21T01:46:04.240

SOURCES RELEASE DATE
db:VULHUBid:VHN-59640date:2013-01-18T00:00:00
db:BIDid:56390date:2012-11-05T00:00:00
db:JVNDBid:JVNDB-2013-001217date:2013-01-22T00:00:00
db:PACKETSTORMid:117881date:2012-11-05T07:28:56
db:CNNVDid:CNNVD-201301-385date:2013-01-21T00:00:00
db:NVDid:CVE-2012-6359date:2013-01-18T21:55:00.963