Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

WebSphere UDDI Console Multiple Vulnerabilities

Medium

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote WebSphere server is running on the remote host. This version is reported vulnerable to a number of flaws in its UDDI Console. The flaws stem from the application's inability to parse user-supplied input to the 'uddigui/navigateTree.do' Java program. Successful exploitation would require that the attacker be able to convince a user to browse a malicious URI. Successful exploitation would result in the attacker executing script code within the client browser.

Solution

Upgrade or patch according to vendor recommendations.