IBM WebSphere Application Server Multiple Vulnerabilities
Medium Nessus Plugin ID 57826
SynopsisThe remote application server is susceptible to an insecure file permission vulnerability, a cross-site scripting attack, and other unspecified vulnerabilities.
DescriptionThe version of IBM WebSphere application server running on the remote host is potentially affected by multiple vulnerabilities :
- An insecure file permission vulnerability that only affects WebSphere Application Server running on the IBM i platform. A local attacker may be able to exploit this issue to obtain potentially sensitive information or modify files in certain directories. (CVE-2011-1376)
- Cross-site scripting and other unspecified vulnerabilities affecting the z/OS platform.
SolutionApply Fix Pack 43 for 6.1 / 21 for 7.0 / 2 for 8.0 or later.