Vulnerability Name: CVE-2018-1428 (CCN-139073)

Assigned: 2017-12-13
Published: 2018-03-15
Updated: 2019-10-09
Summary: IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 139073.
CVSS v3 Severity: 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): None
Availability (A): None
6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): None
Availability (A): None
CVSS v2 Severity: 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): None
Availability (A): None
Vulnerability Type: CWE-327
Vulnerability Consequences: Obtain Information
References:
Source: MITRE
Type: CNA
CVE-2018-1428

Source: CCN
Type: IBM Security Bulletin 0713555 (Security Network Intrusion Prevention System)
IBM Security Network Intrusion Prevention System is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 0713561 (Security SiteProtector System)
IBM Security SiteProtector System is affected by GSKit vulnerabilities

Source: CCN
Type: IBM Security Bulletin 0713787 (Security AppScan Enterprise)
Multiple security vulnerabilities in GSKit and GSKit-Crypto affect IBM Security AppScan Enterprise

Source: CCN
Type: IBM Security Bulletin 0717133 (Workload Automation)
Multiple vulnerabilities in GSKit affect IBM Workload Scheduler

Source: CCN
Type: IBM Security Bulletin 718249 (PureData System for Analytics)
Multiple vulnerabilities in IBM HTTP Server affects Netezza Performance Portal

Source: CCN
Type: IBM Security Bulletin 718773 (Endpoint Manager for Lifecycle Management)
Server Automation is affected by the following GSKit vulnerabilities (CVE-2018-1447, CVE-2018-1427, CVE-2018-1428)

Source: CCN
Type: IBM Security Bulletin 719379 (API Connect)
IBM API Connect is affected by multiple GSKit and OpenSSL vulnerabilities

Source: CCN
Type: IBM Security Bulletin 957781 (Security Privileged Identity Manager)
IBM Security Privileged Identity Manager is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 964993 (Informix)
IBM Informix Client SDK is affected by GSKIT vulnerabilities

Source: CCN
Type: IBM Security Bulletin T1027495 (Cloud Manager with Openstack)
IBM Cloud Manager with OpenStack is affected by GSKit

Source: CCN
Type: IBM Security Bulletin 1974627 (Tivoli Netcool/OMNIbus)
Multiple vulnerabilities in the GSKit component of Tivoli Netcool/OMNIbus

Source: CCN
Type: IBM Security Bulletin 2013756 (DB2 for Linux, UNIX and Windows)
IBM Db2 is affected by multiple vulnerabilities in the GSKit library

Source: CONFIRM
Type: Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg22013756

Source: CCN
Type: IBM Security Bulletin 2014202 (Cognos Business Intelligence)
IBM Cognos Business Intelligence Server 2018Q1 Security Updater : IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities.

Source: CCN
Type: IBM Security Bulletin 2014651 (MQ)
IBM MQ and WebSphere MQ are affected by multiple vulnerabilities in OpenSSL and GSKit.

Source: CCN
Type: IBM Security Bulletin 2014669 (Spectrum Protect)
Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect (formerly Tivoli Storage Manager) Client

Source: CCN
Type: IBM Security Bulletin 2014720 (Cognos Business Intelligence)
IBM Cognos Metrics Manager 2018 Q1 Security Update: IBM Cognos Metrics Manager is affected by multiple vulnerabilities.

Source: CCN
Type: IBM Security Bulletin 2014788 (Content Collector for SAP Applications)
IBM Content Collector for SAP Applications is affected by GSKit and GSKit-Crypto vulnerabilities

Source: CCN
Type: IBM Security Bulletin 2014957 (Spectrum Protect for Space Management)
Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect (formerly Tivoli Storage Manager) for Space Management

Source: CCN
Type: IBM Security Bulletin 2015066 (Spectrum Protect for Virtual Environments)
Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware

Source: CCN
Type: IBM Security Bulletin 2015071 (Spectrum Protect Snapshot)
Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for VMware

Source: CCN
Type: IBM Security Bulletin 2015077 (Spectrum Protect Snapshot)
Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for Unix

Source: CCN
Type: IBM Security Bulletin 2015080 (Spectrum Protect)
Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect (formerly Tivoli Storage Manager) Server

Source: CCN
Type: IBM Security Bulletin 2015211 (Spectrum Protect for Workstations)
Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect for Workstations (formerly Tivoli Storage Manager FastBack for Workstations)

Source: CCN
Type: IBM Security Bulletin 2015252 (SPSS Statistics)
IBM SPSS Statistics is affected by multiple GSKit vulnerabilities

Source: CCN
Type: IBM Security Bulletin 2015304 (Spectrum Protect for Virtual Environments)
Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for Hyper-V

Source: CCN
Type: IBM Security Bulletin 2015424 (Tivoli Monitoring V6)
Multiple vulnerabilities affect the GSKit component of IBM Tivoli Monitoring

Source: CCN
Type: IBM Security Bulletin 2015501 (Tivoli Storage Manager FastBack)
Multiple vulnerabilities in the IBM GSKit component of IBM Tivoli Storage Manager FastBack

Source: CCN
Type: IBM Security Bulletin 2015510 (Cognos Controller)
IBM Cognos Controller 2018Q2 Security Updater: Multiple vulnerabilities have been identified in IBM Cognos Controller

Source: CCN
Type: IBM Security Bulletin 2015603 (Algo One)
Algo One Core is affected by GSKit vulnerabilities.

Source: CCN
Type: IBM Security Bulletin 2016091 (Monitoring)
Vulnerabilities in IBM GSKit and IBM GSKit-Crypto affect IBM Performance Management products

Source: CCN
Type: IBM Security Bulletin 2016372 (Planning Analytics Local)
Multiple vulnerabilities exist in IBM Planning Analytics Local

Source: CCN
Type: IBM Security Bulletin 2016549 (Security Network Protection)
IBM Security Network Protection is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 2016890 (Security Access Manager)
IBM Security Access Manager is affected by multiple vulnerabilities in GSKit

Source: BID
Type: Third Party Advisory, VDB Entry
103574

Source: CCN
Type: BID-103574
IBM DB2 CVE-2018-1428 Local Information Disclosure Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1041012

Source: MISC
Type: Third Party Advisory, VDB Entry, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/139073

Source: XF
Type: UNKNOWN
ibm-gskit-cve20181428-info-disc(139073)

Source: CCN
Type: IBM Security Bulletin 726039 (DataPower Gateway CD)
WebSphere DataPower Appliances is affected by multiple issues

Source: CCN
Type: IBM Security Bulletin 738249 (Cognos Analytics)
Multiple Vulnerabilities in IBM Cognos Analytics

Source: CCN
Type: IBM Security Bulletin 2014741 (FileNet Image Services)
IBM FileNet Image Services is affected by GSKit and GSKit-Crypto vulnerabilities

Source: CCN
Type: IBM Security Bulletin 2014742 (eDiscovery Manager)
eDiscovery Manager is affected by GSKit and GSKit-Crypto vulnerabilities

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:ibm:db2:9.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2:10.1:*:*:*:*:-:*:*
  • OR cpe:/a:ibm:db2:10.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2:11.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:linux:linux_kernel:-:*:*:*:*:*:*:*

Configuration 2:
  • cpe:/a:ibm:db2:9.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2:10.1:*:*:*:*:-:*:*
  • OR cpe:/a:ibm:db2:10.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:db2:11.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:microsoft:windows:-:*:*:*:*:*:*:*
