
How to remediate – Tivoli Provisioning Manager Express for Software Distribution …

1. Introduction

Tivoli Provisioning Manager Express for Software Distribution contains multiple SQL injection flaws. An attacker who can reach the affected servlets could read sensitive data from the back-end database, or modify and delete it. Systems running this software are at risk, particularly those exposed to the internet, and a successful attack compromises the confidentiality, integrity and availability of the affected system.

2. Technical Explanation

  • Root cause: User-supplied parameters are concatenated into SQL statements by the affected servlets without validation or parameterisation.
  • Exploit mechanism: An attacker sends a crafted request containing SQL fragments to one of the vulnerable servlets, and the database executes them as part of the servlet's own query. For example, the classic payload ' OR 1=1 -- (a single quote, a tautology and a comment marker) placed in a username field turns the WHERE clause into a condition that is always true and comments out the password check, bypassing login wherever the query is built by string concatenation.
  • Scope: Tivoli Provisioning Manager Express for Software Distribution.

3. Detection and Assessment

  • Quick checks: There is no single command that tests for this directly. Confirm that the product is installed and record its version; since the only remediation is migration to a supported product, any installed version should be treated as affected.
  • Scanning: Nessus plugin ID 82479 may detect this vulnerability. The plugin ID is given here as an example only; confirm it against the Tenable plugin database before relying on it.
  • Logs and evidence: Look in the web-server and application logs for requests to the servlets whose parameters contain quote characters, SQL comment markers (-- or /*) or SQL keywords such as UNION SELECT, and for database errors that mention SQL syntax, which often accompany failed injection attempts. Specific log paths will vary depending on the installation configuration.
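One way to turn the "logs and evidence" check into something repeatable, as an added example that is not part of the original article and not a tool shipped with the product: a small Python scanner that parses web-server access-log lines, URL-decodes each query parameter and flags values that look like SQL injection probes. The log lines, the /app/servlet/... paths and the IP addresses below are constructed for the illustration; the real servlet paths and log format of an installation will differ and the regexes should be adjusted to match.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed sample access log in Common Log Format. The servlet paths are
# placeholders for the illustration, not real product endpoints.
SAMPLE_LOG = """\
10.0.0.5 - - [27/Dec/2025:10:01:02 +0000] "GET /app/servlet/Login?user=alice&pw=pw1 HTTP/1.1" 200 512
10.0.0.9 - - [27/Dec/2025:10:01:07 +0000] "GET /app/servlet/Login?user=%27+OR+1%3D1+--&pw=x HTTP/1.1" 200 8192
10.0.0.9 - - [27/Dec/2025:10:01:09 +0000] "GET /app/servlet/Report?id=5+UNION+SELECT+username%2Cpassword+FROM+users HTTP/1.1" 500 233
10.0.0.7 - - [27/Dec/2025:10:02:00 +0000] "GET /app/servlet/Report?id=42 HTTP/1.1" 200 1024
10.0.0.8 - - [27/Dec/2025:10:02:30 +0000] "POST /app/servlet/Login HTTP/1.1" 302 0
"""

# Common Log Format: client, ident, user, [timestamp], "METHOD target PROTO", status, size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Indicators applied to each decoded parameter value. Order matters: the
# first match is reported, so the most specific patterns come first.
INDICATORS = [
    ("quote_comment", re.compile(r"'.*(--|#|/\*)", re.S)),
    ("union_select", re.compile(r"\bunion\b.*\bselect\b", re.I | re.S)),
    ("stacked_query", re.compile(r";\s*(select|insert|update|delete|drop)\b", re.I)),
    ("tautology", re.compile(r"\b(or|and)\b\s+\S+\s*=\s*\S+", re.I)),
]


def scan_log(text):
    """Return one hit per request parameter that matches an indicator.

    A 5xx status on a flagged request is worth noting: it usually means the
    injected fragment broke the query and the database raised a syntax error.
    """
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line we understand
        parts = urlsplit(m.group("target"))
        # parse_qsl decodes %XX escapes and '+' so the regexes see the raw payload
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            for label, pattern in INDICATORS:
                if pattern.search(value):
                    hits.append({
                        "ip": m.group("ip"),
                        "path": parts.path,
                        "param": name,
                        "value": value,
                        "indicator": label,
                        "status": int(m.group("status")),
                    })
                    break
    return hits


def suspicious_sources(hits):
    """Count flagged requests per client address, for follow-up or blocking."""
    counts = {}
    for h in hits:
        counts[h["ip"]] = counts.get(h["ip"], 0) + 1
    return counts


if __name__ == "__main__":
    found = scan_log(SAMPLE_LOG)
    for h in found:
        print(f'{h["ip"]} {h["path"]} {h["param"]}={h["value"]!r} [{h["indicator"]}] status={h["status"]}')
    print("per source:", suspicious_sources(found))
```

Run it over the real access log with `scan_log(open(path).read())`; POST bodies are not in the access log, so requests that carry parameters in the body need the application log or a request-capturing proxy instead. Expect some false positives on free-text fields, so review the flagged values rather than acting on counts alone.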

4. Solution / Remediation Steps

Fix this issue by migrating to a supported IBM product. IBM has not released a patch for Tivoli Provisioning Manager Express for Software Distribution itself.

4.1 Preparation

  • Ensure you have a valid license and installation media for Tivoli Endpoint Manager for Lifecycle Management v8.1 or later. Take a full backup of the existing database before starting and test that it restores; the rollback plan is to restore that pre-upgrade backup if the migration fails.
  • A change window will usually be required, depending on service impact. Obtain approval from the IT change management team before starting.

4.2 Implementation

  1. Download and install Tivoli Endpoint Manager for Lifecycle Management v8.1 or later following IBM's official documentation.
  2. Migrate data from the existing Tivoli Provisioning Manager Express for Software Distribution database to the new Tivoli Endpoint Manager installation. Refer to IBM's migration guide for detailed instructions.
  3. Verify that all managed devices are communicating with the new Tivoli Endpoint Manager server, then shut down or firewall the old server so that its vulnerable servlets are no longer reachable.

4.3 Config or Code Example

No configuration or code change applies. The vulnerable servlets are part of the product and cannot be edited in place; the remediation is the product migration in 4.2, after which the old installation is decommissioned.

4.4 Security Practices Relevant to This Vulnerability

Practices that directly address this vulnerability type are input validation with parameterised queries, and least privilege for the database account.

  • Practice 1: Input validation and parameterised queries keep user-supplied data from being interpreted as SQL. Validating a username against an allow-list rejects quote characters and comment markers before they reach the database, and binding values as query parameters means that whatever passes validation is still compared only as data.
  • Practice 2: Least privilege limits the impact of a successful injection. If the application's database account can only read and write the tables it needs, an injected query cannot dump credentials from other schemas or drop tables.
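The login bypass from section 2 and Practice 1 from this section, as an added example that is not the product's own code (the article gives no servlet source): a Python/sqlite3 stand-in for a servlet's JDBC logic, showing the concatenated query beside its parameterised and allow-list-validated replacement. The users table, its rows and the username policy are constructed for the illustration and are assumptions, not the product's schema.

```python
import re
import sqlite3

# Allow-list for usernames: letters, digits, dot, underscore, hyphen, 1-64 chars.
# An assumed policy for this illustration; adjust to the real identifier format.
USERNAME_RE = re.compile(r"[A-Za-z0-9._-]{1,64}")


def validate_username(username):
    """Input validation: reject anything outside the allow-list before it
    reaches the database. Quotes, spaces and comment markers all fail."""
    return USERNAME_RE.fullmatch(username) is not None


def make_db():
    """Constructed in-memory stand-in for the product database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("admin", "s3cret", "administrator"), ("alice", "pw1", "operator")],
    )
    return conn


def login_vulnerable(conn, username, password):
    """The flawed pattern: input is concatenated into the SQL text, so a quote
    closes the literal and a comment marker discards the rest of the query."""
    sql = (
        "SELECT username, role FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(sql).fetchone()


def query_user(conn, username, password):
    """Parameterised query: the driver binds the values separately, so the
    input is only ever compared as data and never parsed as SQL."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()


def login_fixed(conn, username, password):
    """Defence in depth: validate the shape first, then use the bound query."""
    if not validate_username(username):
        return None
    return query_user(conn, username, password)


def demo():
    conn = make_db()
    payload = "' OR 1=1 --"  # tautology, then a comment that swallows the password check
    return {
        "bypass": login_vulnerable(conn, payload, "anything"),
        "parameterised_only": query_user(conn, payload, "anything"),
        "blocked": login_fixed(conn, payload, "anything"),
        "legit": login_fixed(conn, "alice", "pw1"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

With the concatenated query the payload returns the first row, the administrator, without knowing any password; the same payload against the bound query matches nothing, and the allow-list rejects it before a query is even issued. The second line of defence matters because not every field is a simple identifier that can be bound, and a validation bug or a bound query are independent failures.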

4.5 Automation (Optional)

No automation script is provided as this requires a full product migration.

5. Verification / Validation

Confirm the fix by verifying that the new Tivoli Endpoint Manager installation is functioning correctly and that the old server's vulnerable servlets are no longer reachable from the network.

  • Post-fix check: Verify that the Tivoli Endpoint Manager console is accessible and shows managed devices.
  • Smoke test: Confirm software distribution tasks can be created and executed successfully through the Tivoli Endpoint Manager interface.
  • Monitoring: Monitor application logs for any errors related to SQL queries or database access.

6. Preventive Measures and Monitoring

Update security baselines to include secure coding practices like input validation, and implement a regular patch management process.

  • Baselines: Update your application security baseline to require robust input validation for all user-supplied data.
  • Pipelines: Integrate SAST tools into the CI/CD pipeline to identify potential SQL injection vulnerabilities during development.
  • Asset and patch process: Keep an inventory of IBM products in use and run a monthly patch review so that software without a vendor fix, like this product, is identified and migrated before it becomes an exposure.

7. Risks, Side Effects, and Roll Back

Migration may cause temporary service disruption. Data loss is possible if the backup is incomplete or cannot be restored, so test the backup before migrating.

  • Risk or side effect 1: Service interruption during migration. Mitigation: Schedule the migration during a maintenance window with minimal user impact.
  • Rollback: Restore the database from the pre-upgrade backup and reinstall Tivoli Provisioning Manager Express for Software Distribution. Rolling back reinstates the vulnerable software, so restrict network access to it until the migration is retried.

Updated on December 27, 2025