CVE-2012-5756 - OpenCVE

The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2, when a collective configuration is enabled, has a single secret key that is shared across different customers' installations, which allows remote attackers to spoof a container server by (1) sniffing the network to locate a cleartext transmission of this key or (2) leveraging knowledge of this key from another installation.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Ibm	Websphere Datapower Xc10 Appliance

Configuration 1 [-]

OR	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.0:::::::*
	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.1:::::::*
	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.2:::::::*
	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.3:::::::*
	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.1.0.0:::::::*
	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.1.0.1:::::::*
	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.1.0.2:::::::*

References

Link	Resource
http://secunia.com/advisories/51319
http://www-01.ibm.com/support/docview.wss?uid=swg1PM68926	Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21615783	Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg24033740
http://www.securityfocus.com/bid/56617
http://www.securitytracker.com/id?1027798
https://exchange.xforce.ibmcloud.com/vulnerabilities/79921

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: ibm

Published: 2012-11-23T11:00:00

Updated: 2017-08-28T12:57:01

Reserved: 2012-11-02T00:00:00

Link: CVE-2012-5756

JSON object: View

NVD Information

Status : Modified

Published: 2012-11-23T12:09:55.853

Modified: 2017-08-29T01:32:44.697

Link: CVE-2012-5756

JSON object: View

Redhat Information

No data.

CWE

CWE-310

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-11-09T00:00:00", "descriptions": [{"lang": "en", "value": "The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2, when a collective configuration is enabled, has a single secret key that is shared across different customers' installations, which allows remote attackers to spoof a container server by (1) sniffing the network to locate a cleartext transmission of this key or (2) leveraging knowledge of this key from another installation."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24033740"}, {"name": "PM68926", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM68926"}, {"name": "56617", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/56617"}, {"name": "websphere-datapower-app-spoofing(79921)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79921"}, {"name": "1027798", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1027798"}, {"name": "51319", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51319"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615783"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2012-5756", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2, when a collective configuration is enabled, has a single secret key that is shared across different customers' installations, which allows remote attackers to spoof a container server by (1) sniffing the network to locate a cleartext transmission of this key or (2) leveraging knowledge of this key from another installation."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24033740", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24033740"}, {"name": "PM68926", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM68926"}, {"name": "56617", "refsource": "BID", "url": "http://www.securityfocus.com/bid/56617"}, {"name": "websphere-datapower-app-spoofing(79921)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79921"}, {"name": "1027798", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1027798"}, {"name": "51319", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51319"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615783", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615783"}]}}}}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2012-5756", "datePublished": "2012-11-23T11:00:00", "dateReserved": "2012-11-02T00:00:00", "dateUpdated": "2017-08-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C430DE33-2AEE-414D-BA99-3E363798005C", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "66CF002D-2EF9-4C77-B9B5-063A33113AF3", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "D733550C-4C9B-4AE0-8865-9761D6556ED6", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "8188D330-B466-47A1-B4C6-113A070A98A2", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B91BAA10-2047-43D3-A2CF-7FA541E6DA43", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B3327710-8E4F-4D38-AD50-BB95669C7B09", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "BDA3ECF3-DC6F-4DD3-B179-B02C637ADAE7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2, when a collective configuration is enabled, has a single secret key that is shared across different customers' installations, which allows remote attackers to spoof a container server by (1) sniffing the network to locate a cleartext transmission of this key or (2) leveraging knowledge of this key from another installation."}, {"lang": "es", "value": "El IBM WebSphere DataPower XC10 Appliance v2.0.0.0 hasta v2.0.0.3 y v2.1.0.0 hasta v2.1.0.2, cuando una configuraci\u00f3n colectiva est\u00e1 habilitada, tiene una \u00fanica clave secreta que se comparte entre diferentes instalaciones de los clientes, lo que permite a atacantes remotos falsificar un servidor de contenedores mediante (1) escuchando la red para localizar una transmisi\u00f3n en texto claro de esta clave o (2) el conocimiento de esta llave de otra instalaci\u00f3n."}], "id": "CVE-2012-5756", "lastModified": "2017-08-29T01:32:44.697", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-11-23T12:09:55.853", "references": [{"source": "psirt@us.ibm.com", "url": "http://secunia.com/advisories/51319"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM68926"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615783"}, {"source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24033740"}, {"source": "psirt@us.ibm.com", "url": "http://www.securityfocus.com/bid/56617"}, {"source": "psirt@us.ibm.com", "url": "http://www.securitytracker.com/id?1027798"}, {"source": "psirt@us.ibm.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79921"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}