IBM WebSphere Application Server 8.5 < 126.96.36.199 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 9717
SynopsisThe remote host is running an application server that is vulnerable to multiple attack vectors.
DescriptionThe remote host appears to be running IBM WebSphere Application Server 8.5 prior to 188.8.131.52. Such versions are potentially affected by multiple issues :
- An information disclosure vulnerability exists that allows an unauthenticated, remote attacker to identify the proxy server software by reading the HTTP 'Via' header. (CVE-2015-1932)
- An unspecified flaw exists that allows an unauthenticated, remote attacker to spoof servlets or disclose sensitive information. (CVE-2015-4938)
SolutionUpgrade WebSphere Application Server to 184.108.40.206 or later.