IBM WebSphere Application Server 8.5 < Fix Pack 1 Multiple Vulnerabilities

High Nessus Plugin ID 62975

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 5.9

Synopsis

The remote application server may be affected by multiple vulnerabilities.

Description

IBM WebSphere Application Server 8.5 before Fix Pack 1 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities :

- An input validation error exists related to the 'Eclipse Help System' that can allow arbitrary redirect responses to HTTP requests. (CVE-2012-2159, PM66410)

- Several errors exist related to SSL/TLS that can allow an attacker to carry out denial of service attacks against the application. (CVE-2012-2190, CVE-2012-2191, PM66218)
- Unspecified cross-site scripting issues exist related to the administrative console. (CVE-2012-3293, PM60839)

- An unspecified error in the 'ISC Console' can allow a remote attacker to take over a valid user's session.
(CVE-2012-3304, PM54356)

- An unspecified directory traversal error exists that can allow remote attackers to overwrite files outside the application's deployment directory. (CVE-2012-3305, PM62467)

- When multi-domain support is enabled, the application does not properly purge passwords from the authentication cache. (CVE-2012-3306, PM66514)

- An error exists related to 'Federated Repositories', 'IIOP' connections, 'CBIND' checking and 'Optimized Local Adapters' that can allow a remote attacker to bypass security restrictions. Note that this issue affects the application when running on z/OS.
(CVE-2012-3311, PM61388)

- The fix contained in PM44303 contains an error that can allow an authenticated attacker to bypass security restrictions and gain administrative access to the application. (CVE-2012-3325, PM71296)

- A request validation error exists related to the proxy server component that can allow a remote attacker to cause the proxy status to be reported as disabled thus denying applications access to the proxy.
(CVE-2012-3330, PM71319)

- A request validation error exists related to the 'Liberty Profile' and 'JAX-RS' that can allow a remote attacker to elevate privileges. (CVE-2012-4850, PM67082)

- A user-supplied input validation error exists related to the 'Liberty Profile' that can allow cross-site scripting attacks to be carried out. (CVE-2012-4851, PM68643)

- A user-supplied input validation error exists that can allow cross-site request forgery (CSRF) attacks to be carried out. (CVE-2012-4853, PM62920)

Solution

Apply Fix Pack 1 for version 8.5 (8.5.0.1) or later.

See Also

http://www.nessus.org/u?bad06dcb

http://www.nessus.org/u?58770565

http://www.nessus.org/u?80adf3bd

http://www.nessus.org/u?fcf28d02

https://www-304.ibm.com/support/docview.wss?uid=swg21618044

https://www-304.ibm.com/support/docview.wss?uid=swg21620517

https://www-304.ibm.com/support/docview.wss?uid=swg21620518

http://www-01.ibm.com/support/docview.wss?uid=swg24033606

http://www-01.ibm.com/support/docview.wss?&uid=swg21614265

http://www-01.ibm.com/support/docview.wss?uid=swg27036319#8501

Plugin Details

Severity: High

ID: 62975

File Name: websphere_8_5_0_1.nasl

Version: 1.12

Type: remote

Family: Web Servers

Published: 2012/11/20

Updated: 2019/12/04

Dependencies: 57034

Risk Information

Risk Factor: High

VPR Score: 5.9

CVSS Score Source: CVE-2012-4850

CVSS v2.0

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:websphere_application_server

Required KB Items: www/WebSphere

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2012/10/29

Vulnerability Publication Date: 2012/05/31

Reference Information

CVE: CVE-2012-2159, CVE-2012-2190, CVE-2012-2191, CVE-2012-3293, CVE-2012-3304, CVE-2012-3305, CVE-2012-3306, CVE-2012-3311, CVE-2012-3325, CVE-2012-3330, CVE-2012-4850, CVE-2012-4851, CVE-2012-4853

BID: 53884, 54743, 55149, 55185, 55309, 55671, 55678, 56423, 56458, 56459, 56460

CWE: 20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990