cnvd - cnvd-2016-00077

cnvd-2016-00077

Vulnerability from cnvd

Title: IBM Cognos Business Intelligence Tivoli Common Reporting权限提升漏洞

Description:

IBM Cognos Business Intelligence（BI）和IBM Tivoli Common Reporting（TCR）都是美国IBM公司的产品。BI是一套商业智能软件。该软件包括报表、仪表板和记分卡等，并可通过分析关键因素与关键干系人等内容，协助企业调整决策。TCR是一套基于Tivoli（轻量级目录访问协议LDAP身份基础架构）的通用报表解决方案。该方案提供定制报表、管理报表和生成报表等功能。

IBM Cognos BI中使用的IBM TCR中存在安全漏洞，该漏洞源于程序执行group-add和group-remove操作时会保留用户权限。本地攻击者管理员权限更改组成员关系利用该漏洞绕过既定的访问限制。

Severity: 中

Patch Name: IBM Cognos Business Intelligence Tivoli Common Reporting权限提升漏洞的补丁

Patch Description:

IBM Cognos BI中使用的IBM TCR中存在安全漏洞，该漏洞源于程序执行group-add和group-remove操作时会保留用户权限。本地攻击者管理员权限更改组成员关系利用该漏洞绕过既定的访问限制。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： http://www-01.ibm.com/support/docview.wss?uid=swg21972799

Reference: http://www-01.ibm.com/support/docview.wss?uid=swg21972799

Impacted products

Name
['IBM Tivoli Common Reporting 2.1(<IF14)', 'IBM Tivoli Common Reporting 2.1.1(<IF22)', 'IBM Tivoli Common Reporting 2.1.1.2(<IF9)', 'IBM Tivoli Common Reporting 3.1.0.0-3.1.2', 'IBM Cognos Business Intelligence <10.2 IF16', 'IBM Cognos Business Intelligence \r\n<10.2.1.1 IF12', 'IBM Cognos Business Intelligence 3.1.2.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-7436"
    }
  },
  "description": "IBM Cognos Business Intelligence\uff08BI\uff09\u548cIBM Tivoli Common Reporting\uff08TCR\uff09\u90fd\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u4ea7\u54c1\u3002BI\u662f\u4e00\u5957\u5546\u4e1a\u667a\u80fd\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u5305\u62ec\u62a5\u8868\u3001\u4eea\u8868\u677f\u548c\u8bb0\u5206\u5361\u7b49\uff0c\u5e76\u53ef\u901a\u8fc7\u5206\u6790\u5173\u952e\u56e0\u7d20\u4e0e\u5173\u952e\u5e72\u7cfb\u4eba\u7b49\u5185\u5bb9\uff0c\u534f\u52a9\u4f01\u4e1a\u8c03\u6574\u51b3\u7b56\u3002TCR\u662f\u4e00\u5957\u57fa\u4e8eTivoli\uff08\u8f7b\u91cf\u7ea7\u76ee\u5f55\u8bbf\u95ee\u534f\u8baeLDAP\u8eab\u4efd\u57fa\u7840\u67b6\u6784\uff09\u7684\u901a\u7528\u62a5\u8868\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u63d0\u4f9b\u5b9a\u5236\u62a5\u8868\u3001\u7ba1\u7406\u62a5\u8868\u548c\u751f\u6210\u62a5\u8868\u7b49\u529f\u80fd\u3002\r\n\r\nIBM Cognos BI\u4e2d\u4f7f\u7528\u7684IBM TCR\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6267\u884cgroup-add\u548cgroup-remove\u64cd\u4f5c\u65f6\u4f1a\u4fdd\u7559\u7528\u6237\u6743\u9650\u3002\u672c\u5730\u653b\u51fb\u8005\u7ba1\u7406\u5458\u6743\u9650\u66f4\u6539\u7ec4\u6210\u5458\u5173\u7cfb\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u65e2\u5b9a\u7684\u8bbf\u95ee\u9650\u5236\u3002",
  "discovererName": "IBM",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://www-01.ibm.com/support/docview.wss?uid=swg21972799",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-00077",
  "openTime": "2016-01-07",
  "patchDescription": "IBM Cognos Business Intelligence\uff08BI\uff09\u548cIBM Tivoli Common Reporting\uff08TCR\uff09\u90fd\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u4ea7\u54c1\u3002BI\u662f\u4e00\u5957\u5546\u4e1a\u667a\u80fd\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u5305\u62ec\u62a5\u8868\u3001\u4eea\u8868\u677f\u548c\u8bb0\u5206\u5361\u7b49\uff0c\u5e76\u53ef\u901a\u8fc7\u5206\u6790\u5173\u952e\u56e0\u7d20\u4e0e\u5173\u952e\u5e72\u7cfb\u4eba\u7b49\u5185\u5bb9\uff0c\u534f\u52a9\u4f01\u4e1a\u8c03\u6574\u51b3\u7b56\u3002TCR\u662f\u4e00\u5957\u57fa\u4e8eTivoli\uff08\u8f7b\u91cf\u7ea7\u76ee\u5f55\u8bbf\u95ee\u534f\u8baeLDAP\u8eab\u4efd\u57fa\u7840\u67b6\u6784\uff09\u7684\u901a\u7528\u62a5\u8868\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u63d0\u4f9b\u5b9a\u5236\u62a5\u8868\u3001\u7ba1\u7406\u62a5\u8868\u548c\u751f\u6210\u62a5\u8868\u7b49\u529f\u80fd\u3002\r\n\r\nIBM Cognos BI\u4e2d\u4f7f\u7528\u7684IBM TCR\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6267\u884cgroup-add\u548cgroup-remove\u64cd\u4f5c\u65f6\u4f1a\u4fdd\u7559\u7528\u6237\u6743\u9650\u3002\u672c\u5730\u653b\u51fb\u8005\u7ba1\u7406\u5458\u6743\u9650\u66f4\u6539\u7ec4\u6210\u5458\u5173\u7cfb\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u65e2\u5b9a\u7684\u8bbf\u95ee\u9650\u5236\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "IBM Cognos Business Intelligence Tivoli Common Reporting\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "IBM Tivoli Common Reporting 2.1(\u003cIF14)",
      "IBM Tivoli Common Reporting  2.1.1(\u003cIF22)",
      "IBM Tivoli Common Reporting  2.1.1.2(\u003cIF9)",
      "IBM Tivoli Common Reporting  3.1.0.0-3.1.2",
      "IBM Cognos Business Intelligence \u003c10.2 IF16",
      "IBM Cognos Business Intelligence \r\n\u003c10.2.1.1 IF12",
      "IBM Cognos Business Intelligence 3.1.2.1"
    ]
  },
  "referenceLink": "http://www-01.ibm.com/support/docview.wss?uid=swg21972799",
  "serverity": "\u4e2d",
  "submitTime": "2016-01-06",
  "title": "IBM Cognos Business Intelligence Tivoli Common Reporting\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

CVE-2015-7436 (GCVE-0-2015-7436)

Vulnerability from cvelistv5

Published

2016-01-02 21:00

Modified

2024-08-06 07:51

Severity ?

CWE

Summary

IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 preserves user permissions across group-add and group-remove operations, which allows local users to bypass intended access restrictions in opportunistic circumstances by leveraging administrative changes to group membership.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21972799	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:51:27.405Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972799"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-12-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 preserves user permissions across group-add and group-remove operations, which allows local users to bypass intended access restrictions in opportunistic circumstances by leveraging administrative changes to group membership."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-01-02T21:57:02",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972799"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2015-7436",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 preserves user permissions across group-add and group-remove operations, which allows local users to bypass intended access restrictions in opportunistic circumstances by leveraging administrative changes to group membership."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21972799",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972799"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2015-7436",
    "datePublished": "2016-01-02T21:00:00",
    "dateReserved": "2015-09-29T00:00:00",
    "dateUpdated": "2024-08-06T07:51:27.405Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted