IBM WebSphere Application Server 7.0 < / 8.0 < / 8.5 < / Liberty 16.0 < CRLF Sequences HTTP Response Splitting

Medium Nessus Plugin ID 92724


A web application server running on the remote host is affected by an HTTP response splitting vulnerability.


The IBM WebSphere Application Server running on the remote host is version 7.0 prior to, 8.0 prior to, 8.5 prior to, or 16.0 (Liberty) prior to. It is, therefore, affected by an HTTP response splitting vulnerability due to a failure to properly sanitize CRLF character sequences before user-supplied input is included in HTTP responses. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a specially crafted URL, to inject arbitrary HTTP headers.
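The root cause named above is user input reaching a response header without CR/LF being rejected. The following is an added illustration, not Nessus or IBM code, of the kind of check an application (or a reviewer of one) would expect before user input is placed in a header, plus a small decoding-aware detector of the same pattern in request parameters. The function names, the minimal 302 response builder and the constructed sample inputs are all assumptions made for this example.

```python
"""Defensive handling of CR/LF in HTTP header values (added example, not from the page)."""
import re
from urllib.parse import unquote

# RFC 7230 field-value grammar allows no bare CR, LF or NUL; obsolete line
# folding is also rejected here, so any of these bytes marks the value unsafe.
_FORBIDDEN = re.compile(r"[\r\n\x00]")


class HeaderInjectionError(ValueError):
    """Raised when a value would start a new header line or response."""


def safe_header_value(value: str) -> str:
    """Return value unchanged if it is a single-line header value, else raise."""
    if _FORBIDDEN.search(value):
        raise HeaderInjectionError("CR, LF or NUL is not allowed in a header value")
    return value


def build_redirect(location: str) -> bytes:
    """Build a minimal 302 response whose Location header derives from user input.

    The value is validated first, so an attempt to smuggle extra header lines
    fails closed instead of producing a split response. (Hypothetical helper.)
    """
    safe = safe_header_value(location)
    lines = ["HTTP/1.1 302 Found", f"Location: {safe}", "Content-Length: 0", "", ""]
    return "\r\n".join(lines).encode("ascii", "strict")


def header_line_count(response: bytes) -> int:
    """Count header lines in a raw response (status line excluded)."""
    head = response.split(b"\r\n\r\n", 1)[0]
    return len(head.split(b"\r\n")) - 1


def looks_like_crlf_injection(raw_param: str, max_rounds: int = 3) -> bool:
    """Detection helper: true if a request parameter decodes to CR or LF.

    Percent-decoding is repeated a bounded number of times so that
    double-encoded sequences are caught as well. (Hypothetical helper.)
    """
    current = raw_param
    for _ in range(max_rounds):
        if _FORBIDDEN.search(current):
            return True
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return bool(_FORBIDDEN.search(current))


if __name__ == "__main__":
    # Constructed sample: a plain redirect target passes and yields two headers.
    print(build_redirect("/home"))
    print(header_line_count(build_redirect("/home")))
    # Constructed sample: an encoded CRLF in a parameter is flagged.
    print(looks_like_crlf_injection("%0d%0aX-Injected:%201"))
```

A practitioner would apply `safe_header_value` (or the framework's equivalent) at every point where request data is copied into `Location`, `Set-Cookie` or custom headers, and `looks_like_crlf_injection` is the shape of a request-side rule for a WAF or log review that catches both raw and percent-encoded line breaks.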


Apply IBM WebSphere Application Server version 7.0 Fix Pack 43 ( / 8.0 Fix Pack 13 ( / 8.5 Fix Pack 10 ( Liberty 16.0 Fix Pack 2 ( or later. Alternatively, apply the appropriate interim fixes as recommended in the vendor advisory.

See Also

Plugin Details

Severity: Medium

ID: 92724

File Name: websphere_16_0_0_2.nasl

Version: $Revision: 1.8 $

Type: remote

Family: Web Servers

Published: 2016/08/04

Modified: 2017/03/03

Dependencies: 57034, 92725

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND


Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Vulnerability Information

CPE: cpe:/a:ibm:websphere_application_server

Required KB Items: www/WebSphere

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/06/23

Vulnerability Publication Date: 2016/06/23

Reference Information

CVE: CVE-2016-0359

BID: 91484

OSVDB: 140488