IBM WebSphere Application Server < / < / < OIDC Privilege Escalation

High Nessus Plugin ID 97858


The remote web application server is affected by a privilege escalation vulnerability.


The IBM WebSphere Application Server running on the remote host is version prior to, prior to, or prior to. It is, therefore, affected by a privilege escalation vulnerability in the OpenID Connect (OIDC) Trust Association Interceptor (TAI) that is triggered when the custom property includes the OIDC TAI class name.
An unauthenticated, remote attacker can exploit this to gain elevated privileges.
Because the exploitable condition depends on server configuration that cannot be confirmed remotely, this plugin is version-based and only reports when Settings/ParanoidReport is enabled.


Apply IBM WebSphere Application Server version 8.0 Fix Pack 14 ( / 8.5 Fix Pack 12 ( / 9.0 Fix Pack 4 ( or later. Alternatively, upgrade to the minimal fix pack levels required by the interim fix and then apply Interim Fix PI74857. As a workaround, disable InvokeTAIbeforeSSO for the OIDC TAI class per the vendor advisory.
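The version check and the InvokeTAIbeforeSSO workaround described above, as an added local audit example; this is not the Nessus plugin's code and not IBM's. Since the page does not state them, it assumes that the three fix packs correspond to versions 8.0.0.14, 8.5.5.12 and 9.0.0.4, that the full security custom property name is com.ibm.websphere.security.InvokeTAIbeforeSSO, and that the OIDC TAI class is com.ibm.ws.security.oidc.client.RelyingParty. The sample property value is constructed.

```python
"""Local audit check for the OIDC TAI privilege escalation (CVE-2017-1151).

Added example; not code from the Nessus plugin or from IBM. It evaluates the
two conditions the advisory text gives: a version below the fixed fix pack on
an affected branch, and the InvokeTAIbeforeSSO custom property listing the
OIDC TAI class. Assumptions not stated on the page: the fix packs correspond
to 8.0.0.14, 8.5.5.12 and 9.0.0.4; the full property name is
com.ibm.websphere.security.InvokeTAIbeforeSSO; the OIDC TAI class is
com.ibm.ws.security.oidc.client.RelyingParty.
"""

FIXED_LEVELS = {          # branch -> first fixed version (assumed mapping)
    (8, 0): (8, 0, 0, 14),
    (8, 5): (8, 5, 5, 12),
    (9, 0): (9, 0, 0, 4),
}
INVOKE_TAI_PROPERTY = "com.ibm.websphere.security.InvokeTAIbeforeSSO"  # assumed full name
OIDC_TAI_CLASS = "com.ibm.ws.security.oidc.client.RelyingParty"        # assumed class name


def parse_version(text):
    """'8.5.5.11' -> (8, 5, 5, 11); shorter strings are right-padded with zeros."""
    parts = [int(p) for p in text.strip().split(".")]
    if not 2 <= len(parts) <= 4 or any(p < 0 for p in parts):
        raise ValueError("unexpected WebSphere version string: %r" % text)
    return tuple(parts + [0] * (4 - len(parts)))


def version_is_vulnerable(version):
    """True when the version is on an affected branch and below its fixed level."""
    v = parse_version(version)
    fixed = FIXED_LEVELS.get(v[:2])
    if fixed is None:
        return False  # branch not covered by this advisory
    return v < fixed


def tai_classes(custom_properties):
    """Split the comma-separated property value into a list of class names."""
    raw = custom_properties.get(INVOKE_TAI_PROPERTY, "")
    return [c.strip() for c in raw.split(",") if c.strip()]


def oidc_tai_invoked_before_sso(custom_properties):
    """True when the OIDC TAI class is listed in InvokeTAIbeforeSSO."""
    return OIDC_TAI_CLASS in tai_classes(custom_properties)


def workaround_value(custom_properties):
    """Property value with the OIDC TAI class removed, keeping any other TAIs.
    Returns None when nothing else is listed, i.e. the property can be deleted."""
    remaining = [c for c in tai_classes(custom_properties) if c != OIDC_TAI_CLASS]
    return ",".join(remaining) if remaining else None


def assess(version, custom_properties):
    """Combine both conditions into one finding."""
    below_fix = version_is_vulnerable(version)
    tai_on = oidc_tai_invoked_before_sso(custom_properties)
    if below_fix and tai_on:
        status = "vulnerable"
    elif below_fix:
        status = "unpatched but not exposed"  # the paranoid version check still flags this
    else:
        status = "not affected"
    return {
        "status": status,
        "below_fix": below_fix,
        "oidc_tai_before_sso": tai_on,
        "workaround_value": workaround_value(custom_properties) if tai_on else None,
    }


if __name__ == "__main__":
    # Constructed sample: a security custom property value listing a second,
    # unrelated TAI ahead of the OIDC one
    sample = {INVOKE_TAI_PROPERTY: "com.example.LegacyTai, " + OIDC_TAI_CLASS}
    print(assess("8.5.5.11", sample))
```

Feed it the version from the product's version info and the property value read from the cell's security configuration (security.xml or wsadmin AdminConfig). The workaround helper keeps any other interceptors in the list so that removing the OIDC entry does not silently disable unrelated TAIs; it also separates "unpatched" from "exposed", which is the distinction the paranoid version-only check cannot make.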

Plugin Details

Severity: High

ID: 97858

File Name: websphere_9_0_0_4.nasl

Version: $Revision: 1.2 $

Type: remote

Family: Web Servers

Published: 2017/03/21

Modified: 2017/03/23

Dependencies: 57034

Risk Information

Risk Factor: High


CVSS v2.0 Base Score: 7.6

CVSS v2.0 Temporal Score: 6.3

CVSS v2.0 Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS v2.0 Temporal Vector: CVSS2#E:F/RL:OF/RC:ND


CVSS v3.0 Base Score: 8.1

CVSS v3.0 Temporal Score: 7.4

CVSS v3.0 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v3.0 Temporal Vector: CVSS:3.0/E:F/RL:O/RC:X

Vulnerability Information

CPE: cpe:/a:ibm:websphere_application_server

Required KB Items: www/WebSphere, Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2017/03/10

Vulnerability Publication Date: 2017/03/10

Reference Information

CVE: CVE-2017-1151

BID: 96841

OSVDB: 153594