CYBER NEWS

CVE-2016-8939, the TSM Vulnerability IBM Neglected for 2 Years

For one reason or another, companies often choose to fix serious security gaps in silence. That’s exactly what happened with IBM just recently when they released a workaround quietly, addressing a flaw in its enterprise backup software.

The vulnerability, given the CVE-2016-8939 identifier, has been known to IBM since September 2016 when another researcher, Kestutis Gudinavicius, unearthed it for the first time. However, Jakob Heidelberg, pen tester and founder of security firm Improsec, also came across the flaw just recently and contacted IBM.

“This is a really bad vulnerability that’s both easy to exploit and easy to fix,” the researcher said, adding that “there is no excuse why IBM would leave this type of vulnerability open for so long.”


More about CVE-2016-8939

The vulnerability is associated with the IBM Tivoli Storage Manager (TSM) client, now known as Spectrum Protect. The flaw allows local escalation of privileges and sensitive data access – all documents, folders, emails and even usernames and passwords tied to the locally hosted TSM service could be compromised, the researcher said.

As the story goes, Heidelberg together with his colleague Flemming Riis found the flaw in February this year. “We couldn’t believe our own eyes when we, in very little time, found a pretty important – and incredibly trivial – security vulnerability in the TSM product,” Heidelberg said.

The two researchers immediately notified IBM only to find out that the company had already discovered it in September 2016 when another researcher reported it. Heidelberg highlighted the fact that IBM finally issued a security bulletin but only after he told them he planned to publish his research. Two days after the company officially released a workaround fix, the researcher published his research.

Apart from unauthorized access to files (documents, spreadsheets, configuration files etc.), the attacker could, for example, gain access to everything from the SAM database (password hashes) to sensitive registry values, and potentially clear text passwords for service accounts.

A malicious insider is an obvious threat in regards to this vulnerability, giving the attacker the possibility of Information Disclosure, Privilege Escalation and Credential Theft.

This is what Heidelberg and the previous researcher, Kestutis Gudinavicius, both found. A local user with limited permissions to access a server that provides remote app and desktop access could obtain access to all files and system information stored on the IBM TSM backup. The vulnerability is that serious.

Affected versions of IBM Spectrum Protect Windows Client a.k.a. Tivoli Storage Manager are all levels of 8.1, 7.1, 6.4, plus 6.3 and earlier.


Mitigations against CVE-2016-8939 IBM TSM Vulnerability

The researcher recommends that all users of the IBM TSM product should immediately:

  • Implement the workaround on all relevant systems (primarily servers with TSM backup client installed);
  • Limit network access to TSM servers, so only relevant systems (the ones that need backup and restore) can communicate with the TSM backend servers (standard TCP 1500).
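One way to verify the second recommendation against firewall or flow logs, as an added example that is not from the article, the researcher or IBM. The log format, server address and client allowlist are assumptions, and the sample records are constructed.

```python
import ipaddress

TSM_PORT = 1500  # standard TSM server port named in the article

# Assumed for illustration: backend address and the clients that need backup/restore.
TSM_SERVERS = {ipaddress.ip_address("10.0.50.10")}
BACKUP_CLIENTS = [ipaddress.ip_network(n) for n in ("10.0.20.0/24", "10.0.30.15/32")]

# Constructed flow records in a hypothetical "time src dst dport action" format.
SAMPLE_FLOWS = """\
2017-03-01T10:00:01Z 10.0.20.14 10.0.50.10 1500 ALLOW
2017-03-01T10:00:07Z 10.0.30.15 10.0.50.10 1500 ALLOW
2017-03-01T10:02:44Z 10.0.40.77 10.0.50.10 1500 ALLOW
2017-03-01T10:03:10Z 10.0.40.77 10.0.50.10 445 ALLOW
2017-03-01T10:05:52Z 192.168.9.3 10.0.50.10 1500 DENY
2017-03-01T10:06:00Z 10.0.20.14 10.0.60.1 1500 ALLOW
malformed line
"""


def parse_flow(line):
    """Return (src, dst, dport, action), or None for a blank or malformed record."""
    parts = line.split()
    if len(parts) != 5:
        return None
    try:
        return (ipaddress.ip_address(parts[1]), ipaddress.ip_address(parts[2]),
                int(parts[3]), parts[4].upper())
    except ValueError:
        return None


def audit_tsm_access(log_text, servers=TSM_SERVERS, allowed=BACKUP_CLIENTS):
    """Report non-allowlisted sources contacting TSM servers on TCP 1500.
    'gap' = the firewall let it through; 'blocked' = the firewall dropped it."""
    findings = {"gap": set(), "blocked": set()}
    for flow in map(parse_flow, log_text.splitlines()):
        if flow is None:
            continue
        src, dst, dport, action = flow
        if dst not in servers or dport != TSM_PORT:
            continue  # not traffic to the backup backend
        if any(src in net for net in allowed):
            continue  # expected backup/restore client
        # Any action other than ALLOW is counted as blocked.
        findings["gap" if action == "ALLOW" else "blocked"].add(str(src))
    return {kind: sorted(srcs) for kind, srcs in findings.items()}
```

Entries under `gap` point to a missing or overly broad firewall rule in front of the TSM backend; entries under `blocked` show the rule working.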

An official patch is expected in either the third or fourth quarter of 2017, IBM told the researcher.

Milena Dimitrova
