Summary of PowerVC Standard Edition security fixes published March 12, 2015

A number of security exposure and corresponding fixes were published March 12, 2015 for PowerVC Standard Edition.

For your convenience, here is a list of the issues and links to related information.

• IBM PowerVC is impacted by OpenStack Neutron DoS through Invalid DNS Configuration (CVE-2014-7821)By configuring specially-crafted dns_nameservers, a remote authenticated attacker can cause the neutron service to crash, resulting in a denial of service (CVE-2014-7821).

• IBM PowerVC May Be Impacted by XSS Vulnerabilities in Dojo Toolkit (CVE-2014-8917)IBM Dojo Toolkit is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked.

• IBM PowerVC is Impacted by OpenStack Neutron Policy Admin-Only Rules Security Bypass (CVE-2014-6414)By updating a network attribute with a default value, a non-privileged user may reset admin-only network attributes. This may lead to unexpected behavior with security implications or in some extreme cases network outages resulting in denial of service (CVE-2014-6414).

• IBM PowerVC is Impacted by OpenStack Cinder and Nova Information Disclosure (CVE-2014-7230, CVE-2014-7231)An attacker with read access to the nova and cinder logs may obtains passwords used as a parameter of a command that has failed (CVE-2014-7230) or when mask_password did not properly mask passwords (CVE-2014-7231).

• IBM PowerVC Not Properly Validating HMC Certificates (CVE-2015-0137)IBM PowerVC only completes HMC certificate validation prior to sending the login request, which leaves subsequent requests vulnerable to man in the middle attacks. Only PowerVC Standard implementations managing HMC are affected.

• IBM PowerVC Could Allow a Local Attacker to Read a Valid Access Token (CVE-2015-0136)IBM PowerVC could allow a local attacker to read a valid access token. The powervc-iso-import command internally calls another command to which it passes a valid access token as a command line argument. This token may be seen in the process table. Only PowerVC Express installations managing IVM and PowerVC Standard installations managing PowerKVM are affected.

The best way to stay informed of important PowerVC fixes is to subscribe via IBM My Notifications

Advertisement