IBM WebSphere Portal Apache Struts ClassLoader Manipulation RCE

High Nessus Plugin ID 77535

Synopsis

The remote Windows host has web portal software installed that is affected by a remote code execution vulnerability.

Description

The version of IBM WebSphere Portal on the remote host is affected by an Apache Struts ClassLoader manipulation vulnerability that allows remote code execution. A remote attacker can exploit this issue by manipulating the 'class' parameter of an ActionForm object to execute arbitrary code.

Solution

Apply the appropriate patches listed in the advisory.

See Also

https://www-304.ibm.com/support/docview.wss?uid=swg21680194

http://www.nessus.org/u?6f272d04

Plugin Details

Severity: High

ID: 77535

File Name: websphere_portal_cve-2014-0114.nasl

Version: 1.8

Type: local

Family: CGI abuses

Published: 2014/09/05

Updated: 2018/08/06

Dependencies: 72644

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:websphere_portal, cpe:/a:apache:struts

Exploit Available: false

Exploit Ease: No exploit is required

Patch Publication Date: 2014/07/25

Vulnerability Publication Date: 2014/04/29

Exploitable With

Metasploit (Apache Struts ClassLoader Manipulation Remote Code Execution)

Reference Information

CVE: CVE-2014-0114

BID: 67121