IBM WebSphere Application Server 7.0 < Fix Pack 37 Multiple Vulnerabilities (POODLE)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote application server is affected by multiple vulnerabilities.

Description :

The IBM WebSphere Application Server running on the remote host is
version 7.0 prior to Fix Pack 37. It is, therefore, affected by the
following vulnerabilities :

- A man-in-the-middle (MitM) information disclosure
vulnerability known as POODLE. The vulnerability is due
to the way SSL 3.0 handles padding bytes when decrypting
messages encrypted using block ciphers in cipher block
chaining (CBC) mode. MitM attackers can decrypt a
selected byte of a cipher text in as few as 256 tries if
they are able to force a victim application to
repeatedly send the same data over newly created SSL 3.0
connections. (CVE-2014-3566 / PI27101)

- An input validation error exists related to session
input using URL rewriting that can allow cross-site
scripting attacks. (CVE-2014-6167 / PI23819)

- An error exists related to the administrative console
that can allow 'click-jacking' attacks.
(CVE-2014-6174 / PI27152)

- Multiple errors exist in the bundled IBM Java SDK. These
errors are corrected by the October 2014 IBM Java SDK
updates. (CVE-2014-6457, CVE-2014-6512, CVE-2014-6558 /
PI27101)

- Multiple errors exist in the bundled IBM Java SDK. These
errors are corrected by the January 2015 IBM Java SDK
updates. (CVE-2014-6593, CVE-2015-0400, CVE-2015-0410) /
PI33407

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg27014463#70037
http://www-01.ibm.com/support/docview.wss?uid=swg24039338
https://www-304.ibm.com/support/docview.wss?uid=swg21687740
http://www-01.ibm.com/support/docview.wss?uid=swg21695362
https://www.imperialviolet.org/2014/10/14/poodle.html
https://www.openssl.org/~bodo/ssl-poodle.pdf
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00

Solution :

Apply Fix Pack 37 (7.0.0.37) or later.

Note that interim fixes are available. Refer to the vendor security
advisory for interim fix identifiers.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now