PT-2012-15: Multiple vulnerabilities in IBM InfoSphere Guardium

Vulnerable software
IBM InfoSphere Guardium Version 8.2 and earlier
Application link: http://www.ibm.com/software/data/guardium/

Software description
IBM InfoSphere Guardium is a solution used to monitor, audit and control access to the data handled by modern enterprise DBMSs.

1. Cross-Site Request Forgery

Severity level
Severity level: Medium
Impact: Cross-Site Request Forgery
Access Vector: Network exploitable
CVSS v2: Base Score: 6.8
Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE: CVE-2012-3309

Vulnerability description
The specialists of the Positive Research Center have detected a "Cross-Site Request Forgery" vulnerability in IBM InfoSphere Guardium.
The vulnerability was discovered in the Account creation panel. Successful exploitation of the vulnerability allows an attacker to create an administrator account.

How to fix
Use the vendor's advisory: http://www-01.ibm.com/support/docview.wss?uid=swg21609223

2. Sensitive Data Disclosure

Severity level
Severity level: Medium
Impact: Sensitive Data Disclosure
Access Vector: Network exploitable
CVSS v2: Base Score: 5
Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVE: CVE-2012-3312

Vulnerability description
The specialists of the Positive Research Center have detected a "Sensitive Data Disclosure" vulnerability in IBM InfoSphere Guardium.
The Datasource Definition editor sends the login and password for the configured database in clear text if "Save Password" is enabled.

How to fix
Apply fixes:
Version 8.2: SqlGuard-8.2p100_GPU_July_2012 on FixCentral
Version 8.01: SqlGuard-8.01p100_GPU_July_2012 on FixCentral
Version 8.0: InfoSphere_Gaurdium_8.0p9010 on FixCentral

Advisory status
25.06.12 - Vendor is notified
25.06.12 - Vendor gets vulnerability details
15.08.12 - Vendor releases fixed version and details
30.08.12 - Public disclosure

Credits
The vulnerabilities were discovered by Igor Bulatenko, Positive Research Center (Positive Technologies Company)

References
http://en.securitylab.ru/lab/PT-2012-15
http://www-01.ibm.com/support/docview.wss?uid=swg21609223
http://www-01.ibm.com/support/docview.wss?uid=swg21609224

Reports on the vulnerabilities previously discovered by Positive Research:
http://ptsecurity.com/research/advisory/
http://en.securitylab.ru/lab/