WebSphere UDDI Console Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 4273


The remote host is vulnerable to multiple attack vectors.


The remote WebSphere server is running on the remote host.
This version is reported vulnerable to a number of flaws in its UDDI Console. The flaws stem from the application's inability to parse user-supplied input to the 'uddigui/navigateTree.do' Java program. Successful exploitation would require that the attacker be able to convince a user to browse a malicious URI. Successful exploitation would result in the attacker executing script code within the client browser.


Upgrade or patch according to vendor recommendations.

See Also


Plugin Details

Severity: Medium

ID: 4273

Family: Web Servers

Published: 2007/10/31

Modified: 2018/09/16

Dependencies: 4270

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 5.6

Temporal Score: 5.2


Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:websphere_application_server

Reference Information

CVE: CVE-2007-5798, CVE-2007-5799

BID: 26276