Armis Vulnerability Intelligence Database

Description Preview

The affected versions of IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business Gateway (TFIMBG) do not properly check whether an OpenID attribute is signed in the SREG (simple registration extension) and AX (attribute exchange extension) cases. This vulnerability enables attackers to manipulate OpenID provider data by inserting unsigned attributes, potentially leading to spoofing attacks by malicious actors intercepting the communication between the user and the OpenID provider.

Overview

This vulnerability in IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business Gateway (TFIMBG) versions 6.2.0 to 6.2.2 allows for man-in-the-middle attacks, where unsigned attributes can be inserted to spoof OpenID provider data.

Remediation

To remediate this vulnerability, it is recommended to upgrade to the latest patched versions of IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business Gateway (TFIMBG). Users should apply the following patches:

TFIM 6.2.0: Upgrade to version 6.2.0.11 or later.
TFIM 6.2.1: Upgrade to version 6.2.1.3 or later.
TFIM 6.2.2: Upgrade to version 6.2.2.2 or later.
TFIMBG 6.2.0: Upgrade to version 6.2.0.11 or later.
TFIMBG 6.2.1: Upgrade to version 6.2.1.3 or later.
TFIMBG 6.2.2: Upgrade to version 6.2.2.2 or later.

References

IBM X-Force Exchange Advisory: tfim-openid-weak-security(77790)
Secunia Advisory: 51212
IBM Support Advisory IV23452: IV23452
IBM Support Advisory IV23453: IV23453
SecurityFocus BID: 56390
IBM Support Advisory: Confirmation
IBM Support Advisory IV23451: IV23451
IBM Support Advisory: Confirmation

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

Accommodation & Food Services
Accommodation & Food Services
Administrative, Support, Waste Management & Remediation Services
Administrative, Support, Waste Management & Remediation Services
Agriculture, Forestry Fishing & Hunting
Agriculture, Forestry Fishing & Hunting
Arts, Entertainment & Recreation
Arts, Entertainment & Recreation
Construction
Construction
Educational Services
Educational Services
Finance and Insurance
Finance and Insurance
Health Care & Social Assistance
Health Care & Social Assistance
Information
Information
Management of Companies & Enterprises
Management of Companies & Enterprises
Manufacturing
Manufacturing
Mining
Mining
Other Services (except Public Administration)
Other Services (except Public Administration)
Professional, Scientific, & Technical Services
Professional, Scientific, & Technical Services
Public Administration
Public Administration
Real Estate Rental & Leasing
Real Estate Rental & Leasing
Retail Trade
Retail Trade
Transportation & Warehousing
Transportation & Warehousing
Utilities
Utilities
Wholesale Trade
Wholesale Trade

Description Preview

Overview

Remediation

References

Focus on What Matters

Let's talk!