Detections
Analytics
IBM WebSphere Application Server 7.0 < Fix Pack 31 Multiple Vulnerabilities
medium Nessus Plugin ID 72061
Language:
Synopsis
The remote application server is potentially affected by multiple vulnerabilities.Description
IBM WebSphere Application Server 7.0 before Fix Pack 31 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities :- A flaw in the mod_rewrite module of Apache HTTP Server potentially allows a remote attacker to execute arbitrary code via HTTP. (CVE-2013-1862, PM87808)
- An XSS vulnerability exists in IBM WebSphere Application Server due to a failure to sanitize user-supplied input in the Administrative console. (CVE-2013-4005, PM88208)
- A denial of service vulnerability exists when using the optional mod_dav module. (CVE-2013-1896, PM89996)
- A denial of service vulnerability exists due the use of Apache Ant to compress files. (CVE-2012-2098, PM90088)
- A privilege escalation vulnerability exists on IBM WebSphere Application Servers using WS-Security that are configured for XML Digital Signature using trust store.
(CVE-2013-4053, PM90949, PM91521)
- An XSS vulnerability exists in IBM WebSphere Application Server caused by a failure to sanitize user-supplied input in the UDDI Administrative console.
(CVE-2013-4052, PM91892)
- A privilege escalation vulnerability exists in IBM WebSphere Application Servers that have been migrated from version 6.1 or later. (CVE-2013-5414, PM92313)
- An XSS vulnerability exists in IBM WebSphere Application Server due to a failure to sanitize application HTTP response data. (CVE-2013-5417, PM93323, PM93944)
- An XSS vulnerability exists in IBM WebSphere Application Server due to a failure to sanitize user-supplied input in the Administrative console. (CVE-2013-5418, PM96477)
- An XSS vulnerability exists in IBM WebSphere Application Server due to a failure to sanitize user-supplied input in the Administrative console. (CVE-2013-6725, PM98132)
- An information disclosure vulnerability exists in IBM WebSphere Application Servers configured to use static file caching using the simpleFileServlet.
(CVE-2013-6330, PM98624)
- A denial of service vulnerability exists in IBM WebSphere Application Server due to a failure to properly handle requests by a web services endpoint.
(CVE-2013-6325, PM99450)
- An information disclosure vulnerability exists in the IBM SDK for Java that ships with IBM WebSphere Application Server related to JSSE. (CVE-2013-5780)
- A denial of service vulnerability exists in the IBM SDK for Java that ships with IBM WebSphere Application Server related to XML. (CVE-2013-5372)
- A denial of service vulnerability exists in the IBM SDK for Java that ships with IBM WebSphere Application Server related to JSSE. (CVE-2013-5803)
Solution
If using WebSphere Application Server, apply Fix Pack 31 (7.0.0.31) or later.Otherwise, if using embedded WebSphere Application Server packaged with Tivoli Directory Server, apply the latest recommended eWAS fix pack.
See Also
http://www.nessus.org/u?d2f64a49
Plugin Details
Severity: Medium
ID: 72061
File Name: websphere_7_0_0_31.nasl
Version: 1.6
Type: remote
Family: Web Servers
Published: 1/20/2014
Updated: 8/6/2018
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.8
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:ibm:websphere_application_server
Required KB Items: www/WebSphere
Exploit Ease: No known exploits are available
Patch Publication Date: 1/15/2014
Vulnerability Publication Date: 6/10/2013
Reference Information
CVE: CVE-2012-2098, CVE-2013-1862, CVE-2013-1896, CVE-2013-4005, CVE-2013-4052, CVE-2013-4053, CVE-2013-5372, CVE-2013-5414, CVE-2013-5417, CVE-2013-5418, CVE-2013-5780, CVE-2013-5803, CVE-2013-6325, CVE-2013-6330, CVE-2013-6725
BID: 53676, 59826, 61129, 61901, 62336, 62338, 63082, 63115, 63224, 63778, 63780, 63781, 65096, 65099, 65100