IBM WebSphere Application Server 6.0 < 188.8.131.52 Multiple Vulnerabilities
Medium Nessus Plugin ID 44588
SynopsisThe remote application server is affected by multiple vulnerabilities.
DescriptionIBM WebSphere Application Server 6.0 before Fix Pack 39 for 6.0.2 appears to be running on the remote host. As such, it is reportedly affected by multiple vulnerabilities :
- A cross-site request forgery vulnerability exists due to insufficient validation of user-supplied input by the administrative console. An authenticated user could exploit this vulnerability to perform cross-site scripting attacks. (PK87176)
- Due to an error in Java Naming and Directory Interface, it may be possible to obtain sensitive information.
SolutionApply Fix Pack 39 for version 6.0.2 (184.108.40.206) or later.