IBM WebSphere Portal Multiple Vulnerabilities (swg21976358)

high Nessus Plugin ID 89689

Synopsis

The web portal software installed on the remote Windows host is affected by multiple vulnerabilities.

Description

The IBM WebSphere Portal installed on the remote host is version 6.1.0.x prior to 6.1.0.6 CF27 with patches, 6.1.5.x prior to 6.1.5.3 CF27 with patches, 7.0.0.x prior to 7.0.0.2 CF29 with patches, 8.0.0.x prior to 8.0.0.1 CF20, or 8.5.0.0 prior to 8.5.0.0 CF09 with patches.
It is, therefore, affected by multiple vulnerabilities :

- An open redirect vulnerability exists due to improper validation of input before returning it to the user. An attacker can exploit this, via a specially crafted link, to redirect a victim to an arbitrary website.
(CVE-2015-7428)

- A security bypass vulnerability exists due to insecure permissions. A remote attacker can exploit this to make changes to content items. (CVE-2015-7455)

- Multiple unspecified cross-site scripting vulnerabilities exist due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2015-7457, CVE-2015-7491, CVE-2016-0243, CVE-2016-0244)

- An XML External Entity (XXE) injection vulnerability exists due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. A remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition or to disclose sensitive information.
(CVE-2016-0245)

Solution

Apply the appropriate fixes per the vendor advisory.

- For 6.1.0.x, upgrade to version 6.1.0.6 CF27 and apply interim fixes PI54088 and PI55327.

- For 6.1.5.x, upgrade to version 6.1.5.3 CF27 and apply interim fixes PI54088 and PI55327.

- For 7.0.0.x, upgrade to version 7.0.0.2 CF29 and apply interim fixes PI51234, PI55327, and PI54088.

- For 8.0.0.x, upgrade to version 8.0.0.1 CF20.

- For 8.5.0.x, upgrade to version 8.5.0 CF09 and apply interim fix PI56682.

See Also

https://www-01.ibm.com/support/docview.wss?uid=swg21976358

Plugin Details

Severity: High

ID: 89689

File Name: websphere_portal_swg21976358.nasl

Version: 1.7

Type: local

Family: CGI abuses

Published: 3/4/2016

Updated: 11/20/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2015-7428

CVSS v3

Risk Factor: High

Base Score: 7.4

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:websphere_portal

Required KB Items: installed_sw/IBM WebSphere Portal

Exploit Ease: No exploit is required

Patch Publication Date: 2/29/2016

Vulnerability Publication Date: 2/29/2016

Reference Information

CVE: CVE-2015-7428, CVE-2015-7455, CVE-2015-7457, CVE-2015-7491, CVE-2016-0243, CVE-2016-0244, CVE-2016-0245