IBM WebSphere Application Server 7.0 < Fix Pack 25 Multiple Vulnerabilities

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.

Synopsis :

The remote application server may be affected by multiple vulnerabilities.

Description :

IBM WebSphere Application Server 7.0 before Fix Pack 25 appears to be
running on the remote host. As such, it is potentially affected by the
following vulnerabilities :

- Several errors exist related to SSL/TLS that can allow
an attacker to carry out denial of service attacks
against the application. (CVE-2012-2190, CVE-2012-2191,

- Unspecified cross-site scripting issues exist related to
the administrative console. (CVE-2012-3293, PM60839)

- An unspecified error in the 'ISC Console' can allow a
remote attacker to take over a valid user's session.
(CVE-2012-3304, PM54356)

- An unspecified directory traversal error exists that
can allow remote attackers to overwrite files outside
the application's deployment directory. (CVE-2012-3305,

- When multi-domain support is enabled, the application
does not properly purge passwords from the
authentication cache. (CVE-2012-3306, PM66514)

- An error exists related to 'Federated Repositories',
'IIOP' connections, 'CBIND' checking and 'Optimized
Local Adapters' that can allow a remote attacker to
bypass security restrictions. Note that this issue
affects the application when running on z/OS.
(CVE-2012-3311, PM61388)

- The fix delivered in PM44303 contains an error that
can allow an authenticated attacker to bypass security
restrictions and gain administrative access to the
application. (CVE-2012-3325, PM71296)

Solution :

If using WebSphere Application Server, apply Fix Pack 25 ( or

Otherwise, if using embedded WebSphere Application Server packaged with
Tivoli Directory Server, apply the latest recommended eWAS fix pack.
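The check below is an added example, not Tenable's plugin code: it applies this advisory's threshold (WebSphere 7.0 below Fix Pack 25, i.e. a 7.0.0.x build with x < 25) to a version string, and extracts that string from output in the shape of versionInfo.sh. The sample output is constructed, and the "Version <n.n.n.n>" line format it parses is an assumption about that tool's output.

```python
"""Defender-side check for the WebSphere 7.0 < Fix Pack 25 threshold."""
import re
from typing import Optional, Tuple

# Fix packs are the fourth component of a WebSphere version: Fix Pack 25 of 7.0 is 7.0.0.25.
FIXED = (7, 0, 0, 25)

# Constructed sample in the shape of versionInfo.sh output (not captured from a real host).
SAMPLE_VERSIONINFO = """Installed Product
Name                 IBM WebSphere Application Server
Version              7.0.0.23
ID                   BASE
"""


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn "7.0.0.23" into (7, 0, 0, 23); missing trailing parts become 0."""
    parts = text.strip().split(".")
    if not parts or len(parts) > 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised WebSphere version string: {text!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (4 - len(nums))


def version_from_versioninfo(output: str) -> Optional[str]:
    """Pull the first 'Version  n.n.n.n' value out of versionInfo-style text."""
    match = re.search(r"^Version\s+(\d+(?:\.\d+){1,3})\s*$", output, re.MULTILINE)
    return match.group(1) if match else None


def is_affected(version: str) -> Optional[bool]:
    """True for a 7.0 build below Fix Pack 25, False for 7.0.0.25 or later.

    Returns None for any other release line: this advisory only covers 7.0,
    so a 6.1 or 8.0 build is out of scope rather than "safe".
    """
    v = parse_version(version)
    if v[:2] != FIXED[:2]:
        return None
    return v < FIXED


if __name__ == "__main__":
    found = version_from_versioninfo(SAMPLE_VERSIONINFO)
    print(found, is_affected(found))  # constructed sample is 7.0.0.23 -> affected
```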

Risk factor :

Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : false