IBM WebSphere Portal 8.0.0.x < 8.0.0.1 CF15 Multiple Vulnerabilities

medium Nessus Plugin ID 82850

Synopsis

The remote Windows host has web portal software installed that is affected by multiple vulnerabilities.

Description

The version of IBM WebSphere Portal installed on the remote host is 8.0.0.x prior to 8.0.0.1 CF15. It is, therefore, affected by multiple vulnerabilities :

- A flaw exists in 'Apache Commons HttpClient' that allows a man-in-the-middle attacker to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. (CVE-2012-6153)

- A flaw exists in 'Apache HttpComponents' that allows a man-in-the-middle attacker to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. (CVE-2014-3577)

- An unspecified vulnerability exists that allows an authenticated attacker to execute arbitrary code on the system. (CVE-2014-4808)

- A flaw exists due to improper recursion detection during entity expansion. A remote attacker, via a specially crafted XML document, can cause the system to crash, resulting in a denial of service. (CVE-2014-4814)

- An information disclosure vulnerability exists that allows a remote attacker to identify whether or not a file exists based on the web server error codes.
(CVE-2014-4821)

- A cross-site scripting vulnerability exists in the 'Preview' plugin in CKEditor, which allows a remote attacker to inject arbitrary data via unspecified vectors. (CVE-2014-5191)

- A cross-site scripting vulnerability exists that allows an attacker to inject arbitrary web script or HTML via a specially crafted URL. (CVE-2014-6171)

- A flaw exists when the Managed Pages setting is enabled that allows a remote, authenticated attacker to write to pages via an XML injection attack. (CVE-2014-6193)

- A cross-site scripting vulnerability exists in the Blog Portlet, which allows an attacker to inject arbitrary data via a specially crafted URL. (CVE-2014-8902)

Solution

Upgrade to IBM WebSphere Portal 8.0.0.1 Cumulative Fix 15 (CF15) or later.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg24034497#WP15

Plugin Details

Severity: Medium

ID: 82850

File Name: websphere_portal_8_0_0_1_cf15.nasl

Version: 1.4

Type: local

Family: CGI abuses

Published: 4/17/2015

Updated: 1/19/2021

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 4.8

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:websphere_portal

Required KB Items: installed_sw/IBM WebSphere Portal

Exploit Ease: No exploit is required

Patch Publication Date: 2/3/2015

Vulnerability Publication Date: 9/4/2014

Reference Information

CVE: CVE-2012-6153, CVE-2014-3577, CVE-2014-4808, CVE-2014-4814, CVE-2014-4821, CVE-2014-5191, CVE-2014-6171, CVE-2014-6193, CVE-2014-8902

BID: 69161, 69257, 69258, 70755, 70757, 70758