IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.2 Multiple Vulnerabilities
high Nessus Plugin ID 74235
Language:
New! Plugin Severity Now Using CVSS v3
The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Synopsis
The remote application server may be affected by multiple vulnerabilities.Description
IBM WebSphere Application Server 8.5 prior to Fix Pack 8.5.5.2 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities :- Numerous errors exist related to the included IBM SDK for Java (based on the Oracle JDK) that could allow denial of service attacks and information disclosure.
(CVE-2013-5372, CVE-2013-5780, CVE-2013-5803)
- User input validation errors exist related to the Administrative console and the Oauth component that could allow cross-site scripting attacks.
(CVE-2013-6725 / PM98132, CVE-2013-6323 / PI04777, CVE-2013-6738 / PI05661)
- An error exists due to a failure to properly handle by web services endpoint requests that could allow denial of service attacks.
(CVE-2013-6325 / PM99450, PI08267)
- An error exists in the included IBM Global Security Kit related to SSL handling that could allow denial of service attacks. (CVE-2013-6329 / PI05309)
- A flaw exists with the 'mod_dav' module that is caused when tracking the length of CDATA that has leading white space. A remote attacker with a specially crafted DAV WRITE request can cause the service to stop responding. (CVE-2013-6438 / PI09345)
- An error exists in the included IBM Global Security Kit related to malformed X.509 certificate chain handling that could allow denial of service attacks.
(CVE-2013-6747 / PI09443)
- An error exists in the included Apache Tomcat version related to handling 'Content-Type' HTTP headers and multipart requests such as file uploads that could allow denial of service attacks. (CVE-2014-0050 / PI12648, PI12926)
- An unspecified error exists that could allow file disclosures to remote unauthenticated attackers.
(CVE-2014-0823 / PI05324)
- An unspecified error exists related to the Administrative console that could allow a security bypass. (CVE-2014-0857 / PI07808)
- An error exists related to a web server plugin and retrying failed POST requests that could allow denial of service attacks. (CVE-2014-0859 / PI08892)
- An error exists related to the Proxy and ODR components that could allow information disclosure. (CVE-2014-0891 / PI09786)
- An unspecified error exists related to the 'Liberty Profile' that could allow information disclosure.
(CVE-2014-0896 / PI10134)
Solution
Apply Fix Pack 8.5.5.2 for version 8.5 (8.5.5.0) or later.See Also
http://www-01.ibm.com/support/docview.wss?uid=swg24037250
http://www-01.ibm.com/support/docview.wss?uid=swg27036319#8552
Plugin Details
Severity: High
ID: 74235
File Name: websphere_8_5_5_2.nasl
Version: 1.12
Type: remote
Family: Web Servers
Published: 5/29/2014
Updated: 11/26/2019
Dependencies: websphere_detect.nasl
Risk Information
CVSS Score Source: CVE-2014-0050
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.9
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Temporal Vector: E:POC/RL:OF/RC:C
Vulnerability Information
CPE: cpe:/a:ibm:websphere_application_server
Required KB Items: www/WebSphere
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/28/2014
Vulnerability Publication Date: 10/16/2013
Reference Information
CVE: CVE-2013-5372, CVE-2013-5780, CVE-2013-5803, CVE-2013-6323, CVE-2013-6325, CVE-2013-6329, CVE-2013-6438, CVE-2013-6725, CVE-2013-6738, CVE-2013-6747, CVE-2014-0050, CVE-2014-0823, CVE-2014-0857, CVE-2014-0859, CVE-2014-0891, CVE-2014-0896
BID: 63082, 63115, 63224, 64249, 65096, 65099, 65156, 65400, 66303, 67051, 67327, 67328, 67329, 67335, 67579, 67720