New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 6.7
Synopsis
The remote application server is affected by multiple vulnerabilities.
Description
IBM WebSphere Application Server 7.0 before Fix Pack 5 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities :
- Non-standard HTTP methods are allowed. (PK73246)
- If the admin console is directly accessed from HTTP, the console fails to redirect the connection to a secure login page. (PK77010)
- An error in Single Sign-on (SSO) with SPNEGO implementation could allow a remote attacker to bypass security restrictions. (PK77465)
- 'wsadmin' is affected by a security exposure. (PK77495)
- Security flag 'isSecurityEnabled' is incorrectly set after migrating from VMM. (PK78134)
- Use of insecure password obfuscation algorithm by Web services could result in weaker than expected security provided the client module specifies a password in ibm-webservicesclient-bind.xmi and target environment has custom password encryption enabled. (PK79275)
- After upgrading from WebSphere Application Server V6.1 to V7.0 with tracing enabled, an attacker may be able view sensitive information by viewing the trace files.
(PK80337)
- If CSIv2 Security is configured with Identity Assertion, it may be possible for a remote attacker to bypass security restrictions. (PK83097)
- New applications deployed in WebSphere Application Server for z/OS prior to 1.8 are saved on the file system with insecure privileges resulting in disclosure of sensitive information. (PK83308)
- Configservice APIs could display sensitive information.
(PK84999)
- Vulnerabilities in Apache HTTP server could allow a local user to gain elevated privileges. (PK86232)
- A error in 'wsadmin' could allow a remote attacker to bypass security restrictions. (PK86328)
- A vulnerability in portlet serving enable parameter could allow an attacker to bypass security restrictions and gain unauthorized access to the application. (PK89385)
Solution
Apply Fix Pack 5 (7.0.0.5) or later.