IBM WebSphere Application Server 7.0 < Fix Pack 19 Multiple Vulnerabilities

Medium Nessus Plugin ID 56229


The remote application server may be affected by multiple vulnerabilities.


IBM WebSphere Application Server 7.0 before Fix Pack 19 appears to be running on the remote host. As such, it is potentially affected by the following vulnerabilities:

- An open redirect vulnerability exists related to the 'logoutExitPage' parameter. This can allow remote attackers to trick users into requesting unintended URLs. (PM35701)

- The administrative console can display a stack trace under unspecified circumstances and can disclose potentially sensitive information to local users.

- The Installation Verification Tool servlet (IVT) does not properly sanitize user-supplied input of arbitrary HTML and script code, which could allow cross-site scripting attacks. (PM40733)

- A token verification error exists in the bundled OpenSAML library. This error can allow an attacker to bypass security controls with an XML signature wrapping attack via SOAP messages. (PM43254)

- A directory traversal attack is possible via unspecified parameters in the 'help' servlet. (PM45322)


If using WebSphere Application Server, apply Fix Pack 19 or later.

Otherwise, if using embedded WebSphere Application Server packaged with Tivoli Directory Server, apply the latest recommended eWAS fix pack.

Plugin Details

Severity: Medium

ID: 56229

File Name: websphere_7_0_0_19.nasl

Version: $Revision: 1.11 $

Type: remote

Family: Web Servers

Published: 2011/09/19

Modified: 2015/11/18

Dependencies: 57034

Risk Information

Risk Factor: Medium


Base Score: 5.8

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:websphere_application_server

Required KB Items: www/WebSphere

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2011/09/12

Vulnerability Publication Date: 2011/07/15

Reference Information

CVE: CVE-2011-1355, CVE-2011-1356, CVE-2011-1359, CVE-2011-1362, CVE-2011-1411

BID: 48709, 48710, 48890, 49362

OSVDB: 73898, 73903, 74167, 74817, 78575

CWE: 20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990