Details of VAR-201111-0104

ID

VAR-201111-0104

CVE

CVE-2011-1372

TITLE

IBM TS3100 and TS3200 Vulnerabilities that can bypass authentication in tape libraries

Trust: 0.8

sources: JVNDB: JVNDB-2011-003098

DESCRIPTION

The Web User Interface on the IBM TS3100 and TS3200 tape libraries with firmware before A.60 allows remote attackers to bypass authentication and obtain administrative access via unspecified vectors. IBM System Storage TS3100 and TS3200 Tape Library Express are prone to a security-bypass vulnerability. Successful exploits may allow attackers to bypass security restrictions and give access to the library administration. IBM System Storage TS3100 and TS3200 Tape Library Express versions prior to A.60 are vulnerable. ---------------------------------------------------------------------- Secunia is hiring! Find your next job here: http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM System Storage TS3100 / TS3200 Tape Library Express Security Bypass Security Issue SECUNIA ADVISORY ID: SA46986 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46986/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46986 RELEASE DATE: 2011-11-24 DISCUSS ADVISORY: http://secunia.com/advisories/46986/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46986/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46986 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in IBM System Storage TS3100 and TS3200 Tape Library Express, which can be exploited by malicious people to bypass certain security restrictions. The security issue is reported in versions prior to A.60. SOLUTION: Update to version A.60. PROVIDED AND/OR DISCOVERED BY: The vendor credits Martin Murfitt, Trustwave's SpiderLabs. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=ssg1S1003938 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2011-1372 // JVNDB: JVNDB-2011-003098 // BID: 50799 // VULHUB: VHN-49317 // PACKETSTORM: 107281

AFFECTED PRODUCTS

vendor:	ibm	model:	ts3200 tape library	scope:	eq	version:	*	Trust: 1.0
vendor:	ibm	model:	ts3100 tape library	scope:	eq	version:	*	Trust: 1.0
vendor:	ibm	model:	ts3200 tape library	scope:	lte	version:	a.40	Trust: 1.0
vendor:	ibm	model:	ts3100 tape library	scope:	lte	version:	a.40	Trust: 1.0
vendor:	ibm	model:	ts3100 tape library	scope:	-	version:	-	Trust: 0.8
vendor:	ibm	model:	ts3100 tape library	scope:	lt	version:	a.60	Trust: 0.8
vendor:	ibm	model:	ts3200 tape library	scope:	-	version:	-	Trust: 0.8
vendor:	ibm	model:	ts3200 tape library	scope:	lt	version:	a.60	Trust: 0.8
vendor:	ibm	model:	ts3100 tape library	scope:	eq	version:	a.40	Trust: 0.6
vendor:	ibm	model:	ts3200 tape library	scope:	eq	version:	a.40	Trust: 0.6
vendor:	ibm	model:	system storage ts3200 tape library express a.59	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	system storage ts3100 tape library express a.59	scope:	-	version:	-	Trust: 0.3
vendor:	ibm	model:	system storage ts3200 tape library express a.60	scope:	ne	version:	-	Trust: 0.3
vendor:	ibm	model:	system storage ts3100 tape library express a.60	scope:	ne	version:	-	Trust: 0.3

sources: BID: 50799 // JVNDB: JVNDB-2011-003098 // CNNVD: CNNVD-201111-438 // NVD: CVE-2011-1372

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-1372
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2011-1372
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201111-438
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-49317
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2011-1372
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-49317
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-49317 // JVNDB: JVNDB-2011-003098 // CNNVD: CNNVD-201111-438 // NVD: CVE-2011-1372

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.9

sources: VULHUB: VHN-49317 // JVNDB: JVNDB-2011-003098 // NVD: CVE-2011-1372

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201111-438

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201111-438

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-003098

PATCH

title:

1003938

url:

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1003938

Trust: 0.8

sources: JVNDB: JVNDB-2011-003098

EXTERNAL IDS

db:	NVD	id:	CVE-2011-1372	Trust: 2.8
db:	JVNDB	id:	JVNDB-2011-003098	Trust: 0.8
db:	CNNVD	id:	CNNVD-201111-438	Trust: 0.7
db:	SECUNIA	id:	46986	Trust: 0.7
db:	NSFOCUS	id:	18223	Trust: 0.6
db:	XF	id:	71026	Trust: 0.6
db:	BID	id:	50799	Trust: 0.4
db:	PACKETSTORM	id:	108063	Trust: 0.1
db:	VULHUB	id:	VHN-49317	Trust: 0.1
db:	PACKETSTORM	id:	107281	Trust: 0.1

sources: VULHUB: VHN-49317 // BID: 50799 // JVNDB: JVNDB-2011-003098 // PACKETSTORM: 107281 // CNNVD: CNNVD-201111-438 // NVD: CVE-2011-1372

REFERENCES

url:	http://www.ibm.com/support/docview.wss?uid=ssg1s1003938	Trust: 2.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/71026	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1372	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1372	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/71026	Trust: 0.6
url:	http://secunia.com/advisories/46986	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/18223	Trust: 0.6
url:	https://www.trustwave.com/spiderlabs/advisories/twsl2011-018.txt	Trust: 0.3
url:	http://www-03.ibm.com/systems/storage/tape/ts3100/	Trust: 0.3
url:	http://www-03.ibm.com/systems/storage/tape/ts3200/	Trust: 0.3
url:	http://secunia.com/company/jobs/	Trust: 0.1
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/46986/	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=46986	Trust: 0.1
url:	http://secunia.com/advisories/46986/#comments	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-49317 // BID: 50799 // JVNDB: JVNDB-2011-003098 // PACKETSTORM: 107281 // CNNVD: CNNVD-201111-438 // NVD: CVE-2011-1372

CREDITS

Martin Murfitt of Trustwave's SpiderLabs

Trust: 0.3

sources: BID: 50799

SOURCES

db:	VULHUB	id:	VHN-49317
db:	BID	id:	50799
db:	JVNDB	id:	JVNDB-2011-003098
db:	PACKETSTORM	id:	107281
db:	CNNVD	id:	CNNVD-201111-438
db:	NVD	id:	CVE-2011-1372

LAST UPDATE DATE

2025-04-11T23:04:16.079000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-49317	date:	2017-08-17T00:00:00
db:	BID	id:	50799	date:	2011-12-20T23:19:00
db:	JVNDB	id:	JVNDB-2011-003098	date:	2011-11-29T00:00:00
db:	CNNVD	id:	CNNVD-201111-438	date:	2011-12-02T00:00:00
db:	NVD	id:	CVE-2011-1372	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-49317	date:	2011-11-28T00:00:00
db:	BID	id:	50799	date:	2011-11-24T00:00:00
db:	JVNDB	id:	JVNDB-2011-003098	date:	2011-11-29T00:00:00
db:	PACKETSTORM	id:	107281	date:	2011-11-26T01:20:18
db:	CNNVD	id:	CNNVD-201111-438	date:	2011-11-28T00:00:00
db:	NVD	id:	CVE-2011-1372	date:	2011-11-28T11:55:08.750