IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability

Bugtraq ID:	69183
Class:	Unknown
CVE:	CVE-2014-3086
Remote:	Yes
Local:	No
Published:	Jul 31 2014 12:00AM
Updated:	Apr 13 2015 09:08PM
Credit:	IBM
Vulnerable:	IBM WebSphere Real Time 3.0 IBM WebSphere Real Time 3 SR7 IBM WebSphere Message Broker 8.0 IBM WebSphere Message Broker 7.0 IBM Vios 2.2.3 IBM Vios 2.2.1 4 IBM Vios 2.2.3.3 IBM Vios 2.2.3.2 IBM Vios 2.2.3.0 IBM Vios 2.2.2.5 IBM Vios 2.2.2.0 IBM Vios 2.2.2.0 IBM Vios 2.2.1.9 IBM Vios 2.2.1.8 IBM Vios 2.2.1.3 IBM Vios 2.2.1.1 IBM Vios 2.2.1.0 IBM Vios 2.2.0.13 IBM Vios 2.2.0.12 IBM Vios 2.2.0.11 IBM Vios 2.2.0.10 IBM TS7740 Virtualization Engine 3957-V07 IBM TS7740 Virtualization Engine 3957-V06 IBM TS7720 Virtualization Engine 3957-VEB IBM TS7720 Virtualization Engine 3957-VEA IBM TRIRIGA for Energy Optimization 1.1 IBM Tivoli System Automation for Integrated Operations Management 2.1.1 IBM Tivoli System Automation for Integrated Operations Management 2.1 IBM Tivoli Storage Productivity Center 5.2.2 IBM Tivoli Storage Productivity Center 5.2.1 0 IBM Tivoli Storage Productivity Center 5.2 IBM Tivoli Storage Productivity Center 5.1.1 3 IBM Tivoli Storage Productivity Center 5.1.1 IBM Tivoli Storage Productivity Center 5.1 IBM Tivoli Storage Productivity Center 4.2.2 143 IBM Tivoli Storage Productivity Center 4.2.2 IBM Tivoli Storage Productivity Center 5.2.3 IBM Tivoli Storage Productivity Center 5.2.1.1 IBM Tivoli Storage Productivity Center 5.1.1.5 IBM Tivoli Storage Productivity Center 5.1.1.4 IBM Tivoli Storage Productivity Center 5.1.1.2 IBM Tivoli Storage Productivity Center 5.1.1.1 IBM Tivoli Storage Productivity Center 5.1.1.0 IBM Tivoli Storage Productivity Center 4.2.2.184 IBM Tivoli Storage Productivity Center 4.2.2.178 IBM Tivoli Storage Productivity Center 4.2.2.177 IBM Tivoli Storage Productivity Center 4.2.2.145 IBM Tivoli Storage Productivity Center 4.2.1 IBM Tivoli Storage Productivity Center 4.2.0 IBM Tivoli Service Request Manager 7.5 IBM Tivoli Service Request Manager 7.2.2 IBM Tivoli Service Request Manager 7.2.1.2 IBM Tivoli Service Request Manager 7.2.1.0 IBM Tivoli Service Request Manager 7.2.0.1 IBM Tivoli Service Request Manager 7.2.0.0 IBM Tivoli Service Request Manager 7.1.1 IBM Tivoli Monitoring 6.3 IBM Tivoli Monitoring 6.2.3 IBM Tivoli Monitoring 6.2.2 IBM Tivoli Monitoring 6.2.1 IBM Tivoli Monitoring 6.2.0 IBM Tivoli Endpoint Manager for Remote Control 8.2.1 IBM Tivoli Composite Application Manager for Transactions 7.4 IBM Tivoli Composite Application Manager for Transactions 7.3.0 IBM Tivoli Composite Application Manager for Transactions 7.2.0 IBM Tivoli Composite Application Manager for Transactions 7.1.0 IBM Tivoli Change And Configuration Management Database 7.1.1 IBM Tivoli Change And Configuration Management Database 7.5 IBM Tivoli Asset Management for IT 7.2.1 2 IBM Tivoli Asset Management for IT 7.1.1 IBM Tivoli Asset Management for IT 7.5 IBM Tivoli Asset Management for IT 7.2.2 IBM Tivoli Asset Management for IT 7.2.1.0 IBM Tivoli Asset Management for IT 7.2.0.1 IBM Tivoli Application Dependency Discovery Manager 7.2.2 1 IBM Tivoli Application Dependency Discovery Manager 7.2.1 3 IBM Tivoli Application Dependency Discovery Manager 7.2.1 2 IBM Tivoli Application Dependency Discovery Manager 7.2.1 1 IBM Tivoli Application Dependency Discovery Manager 7.2.1 IBM Tivoli Application Dependency Discovery Manager 7.2.2.2 IBM Tivoli Application Dependency Discovery Manager 7.2.2.0 IBM Tivoli Application Dependency Discovery Manager 7.2.1.6 IBM Tivoli Application Dependency Discovery Manager 7.2.1.5 IBM Tivoli Application Dependency Discovery Manager 7.2.1.4 IBM Tivoli Application Dependency Discovery Manager 7.2.0.8 IBM Tivoli Application Dependency Discovery Manager 7.2.0.7 IBM Tivoli Application Dependency Discovery Manager 7.2.0.6 IBM Tivoli Application Dependency Discovery Manager 7.2.0.5 IBM Tivoli Application Dependency Discovery Manager 7.2.0.4 IBM Tivoli Application Dependency Discovery Manager 7.2.0.3 IBM Tivoli Application Dependency Discovery Manager 7.2.0.2 IBM Tivoli Application Dependency Discovery Manager 7.2.0.10 IBM Tivoli Application Dependency Discovery Manager 7.2.0.1 IBM Tivoli Application Dependency Discovery Manager 7.2.0 IBM Smart Analytics System 5600 V3 9.7 IBM Smart Analytics System 5600 V3 10.1 IBM Smart Analytics System 5600 V2 9.7 IBM Smart Analytics System 5600 V2 10.1 IBM Smart Analytics System 5600 V1 9.7 IBM Smart Analytics System 5600 V1 10.1 IBM Rational Functional Tester 8.3 2 IBM Rational Functional Tester 8.2.2 1 IBM Rational Functional Tester 8.2.2 IBM Rational Functional Tester 8.6 IBM Rational Functional Tester 8.5.1.2 IBM Rational Functional Tester 8.5.1.1 IBM Rational Functional Tester 8.5.1 IBM Rational Functional Tester 8.5.0.1 IBM Rational Functional Tester 8.5 IBM Rational Functional Tester 8.3.0.1 IBM Rational Functional Tester 8.3 IBM PureApplication System 2.0 IBM PureApplication System 1.1 IBM PureApplication System 1.0 IBM Maximo for Utilities 7.1.1 IBM Maximo for Utilities 7.5 IBM Maximo for Transportation 7.1.1 IBM Maximo for Transportation 7.5 IBM Maximo for Oil and Gas 7.1.1 IBM Maximo for Nuclear Power 7.1.1 IBM Maximo for Nuclear Power 7.5 IBM Maximo for Life Sciences 7.1.1 IBM Maximo for Life Sciences 7.5 IBM Maximo for Government 7.1.1 IBM Maximo for Government 7.5 IBM Maximo Asset Management for Energy Optimization 7.1.1 IBM Maximo Asset Management for Energy Optimization 7.5 IBM Maximo Asset Management Essentials 7.5 IBM Maximo Asset Management 7.1.1 IBM Maximo Asset Management 7.5 IBM Lotus Domino 9.0.1.0 IBM Lotus Domino 8.5.3.6 IBM Lotus Domino 8.5.3.5 IBM Java SDK 7R1 SR1 IBM Java SDK 7 SR7 IBM Java SDK 6 SR16 IBM Java SDK 5.0 SR16-FP6 IBM Integration Bus 9.0.0.0 IBM i 7.2 IBM i 7.1 IBM i 6.1 IBM Endpoint Manager for Remote Control 9.1.0 IBM Cognos Business Viewpoint 10.1.1 FP2 IBM Cognos Business Viewpoint 10.1.1 FP1 IBM Cognos Business Viewpoint 10.1 FP1 IBM CICS Transaction Gateway 9.1 IBM CICS Transaction Gateway 9.0 IBM CICS Transaction Gateway 8.1 IBM CICS Transaction Gateway 8.0 IBM CICS Transaction Gateway 7.2 IBM AIX 7.1 IBM AIX 6.1 IBM AIX 5.3
Not Vulnerable:	IBM WebSphere Real Time 3 SR7 FP1 IBM Tivoli Storage Productivity Center 5.2.4 IBM Tivoli Storage Productivity Center 5.1.1.6 IBM Tivoli Storage Productivity Center 4.2.2.191

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability

IBM WebSphere Real Time is prone to an unspecified privilege-escalation vulnerability.

Attackers can leverage this issue to gain elevated privileges. Successful exploits may compromise affected computers.

IBM WebSphere Real Time 3.0, and 3 SR7 are vulnerable.

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

IBM WebSphere Real Time CVE-2014-3086 Unspecified Privilege Escalation Vulnerability

References:

• IBM Homepage (IBM)
  
• IBM Pure Application System - Java SE issues disclosed in the Oracle July 2014 C (IBM)
  
• IBM Tivoli Monitoring clients affected by vulnerabilities in IBM SDK, Java Techn (IBM)
  
• IV62634: FIX SECURITY VULNERABILITY CVE-2014-3086 (IBM)
  
• Multiple vulnerabilities in current releases of the IBM? SDK, Java Technology Ed (IBM)
  
• Multiple vulnerabilities in IBM Java SDK and IBM? Java Runtime, affect Tivoli En (IBM)
  
• Multiple vulnerabilities in the IBM SDK Java (IBM)
  
• Security Bulletin: CICS Transaction Gateway for Multiplatforms (IBM)
  
• WebSphere Real Time Product Page (IBM)
  
• IBM Notes and Domino - Multiple vulnerabilities in IBM Java (IBM)
  
• IBM Tivoli Composite Application Manager for Transactions affected by multiple v (IBM)
  
• IBM Virtualization Engine TS7700 13 Multiple CVEs from the IBM SDK, Java!22 Tec (IBM)
  
• Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos Business Viewpoin (IBM)
  
• Multiple vulnerabilities in IBM Java SDK affect Tivoli Storage Productivity Cent (IBM)
  
• Security Bulletin for IBM Integration Bus and WebSphere Message Broker: Multiple (IBM)
  
• Security Bulletin: IBM Smart Analytics System 5600 is affected by multiple vulne (IBM)
  
• Security Bulletin: Multiple vulnerabilities in current releases of the IBM® WebS (IBM)
  
• Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Asset and Ser (IBM)
  
• Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM? Java Runtim (IBM)
  
• Security Bulletin: Vulnerability in IBM Java SDKs and IBM Java Runtime Technolog (IBM)
  
• Vulnerabilities in IBM Tivoli System Automation for Integrated Operations Manage (IBM)