Security Advisory CVE-2019-11207 regarding TIBCO LogLogic LMI

Security Advisory CVE-2019-11207 regarding TIBCO LogLogic LMI

book

Article ID: KB0108063

calendar_today

Updated On:

Products Versions
TIBCO LogLogic Log Management Intelligence 6.2.1 and below

Description

TIBCO LogLogic Log Management Intelligence Multiple Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) Vulnerabilities

  Original release date: August 13, 2019
  Last revised: ---
  Source: TIBCO Software Inc.

  The following component is affected:
    * web server

Description
The component listed above contains multiple vulnerabilities that theoretically allow persistent and reflected cross-site scripting (XSS) attacks, as well as cross-site request forgery (CSRF) attacks.

Impact
The impact of this vulnerability includes the theoretical possibility that an unauthenticated attacker could perform administrative functions provided by the web interface of the affected component.

  CVSS v3 Base Score: 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Resolution

  TIBCO has released updated versions of the affected systems which address these issues:
  • If you have TIBCO LogLogic LMI EVA versions 6.2.1 and below then update to version 6.3.0 or higher
  • If you have
    • TIBCO LogLogic LX825 Appliance 0.0.004,
    • TIBCO LogLogic LX1025 Appliance 0.0.004,
    • TIBCO LogLogic LX4025 Appliance 0.0.004,
    • TIBCO LogLogic MX3025 Appliance 0.0.004,
    • TIBCO LogLogic MX4025 Appliance 0.0.004,
    • TIBCO LogLogic ST1025 Appliance 0.0.004,
    • TIBCO LogLogic ST2025-SAN Appliance 0.0.004 or
    • TIBCO LogLogic ST4025 Appliance 0.0.004
          and you are using TIBCO LogLogic LMI versions 6.2.1 and below then update to 6.2.1_02 (aka Patch 02) or higher compatible version. The version must remain below 6.3.0.
  • If you have:
    • TIBCO LogLogic LX1025R1 Appliance 0.0.004,
    • TIBCO LogLogic LX1025R2 Appliance 0.0.004,
    • TIBCO LogLogic LX4025R1 Appliance 0.0.004,
    • TIBCO LogLogic LX4025R2 Appliance 0.0.004,
    • TIBCO LogLogic LX1035 Appliance 0.0.005,
    • TIBCO LogLogic LX4035 Appliance 0.0.005,
    • TIBCO LogLogic ST2025-SANR1 Appliance 0.0.004,
    • TIBCO LogLogic ST2025-SANR2 Appliance 0.0.004,
    • TIBCO LogLogic ST2035-SAN Appliance 0.0.005,
    • TIBCO LogLogic ST4025R1 Appliance 0.0.004,
    • TIBCO LogLogic ST4025R2 Appliance 0.0.004, or
    • TIBCO LogLogic ST4035 Appliance 0.0.005
          and you are using TIBCO LogLogic LMI versions 6.2.1 and below then you can update to LMI 6.3.0 or higher.

You can obtain both LMI 6.3.0 and 6.2.1_02 from https://edelivery.tibco.com. To find 6.2.1_02 you must search by a specific hardware model such as "ST1025" then expand the 6.2.1 product entry. The search is not case-sensitive. The 6.2.1_02 patch will not be listed under the LMI EVA product entries.

Issue/Introduction

Security Advisory CVE-2019-11207 regarding TIBCO LogLogic LMI

Additional Information

 http://www.tibco.com/services/support/advisories
 CVE-2019-11207
Powered by Wolken Software