IBM WebSphere Portal Apache Struts ClassLoader Manipulation RCE

Nessus Plugin ID 77535

Synopsis

The remote Windows host has web portal software installed that is affected by a remote code execution vulnerability.

Description

The version of IBM WebSphere Portal on the remote host is affected by a remote code execution vulnerability caused by ClassLoader manipulation in its Apache Struts component. A remote attacker can exploit this issue by manipulating the 'class' parameter of an ActionForm object to execute arbitrary code.

Solution

Apply the appropriate patches listed in the advisory.

See Also

https://www-304.ibm.com/support/docview.wss?uid=swg21680194

http://www.nessus.org/u?6f272d04

Plugin Details

Severity: High

ID: 77535

File Name: websphere_portal_cve-2014-0114.nasl

Version: 1.10

Type: local

Family: CGI abuses

Published: 9/5/2014

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.5

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:ibm:websphere_portal, cpe:/a:apache:struts

Required KB Items: installed_sw/IBM WebSphere Portal

Exploit Available: true

Exploit Ease: No exploit is required

Patch Publication Date: 7/25/2014

Vulnerability Publication Date: 4/29/2014

Exploitable With

Metasploit (Apache Struts ClassLoader Manipulation Remote Code Execution)

Reference Information

CVE: CVE-2014-0114

BID: 67121