ID: CVE-2019-4441
Type: cve
Reporter: cve@mitre.org
Modified: 2019-10-09T23:50:00
Description
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 163177.
{
  "symantec": [
    {
      "lastseen": "2019-12-26T20:23:12",
      "bulletinFamily": "software",
      "cvelist": ["CVE-2019-4441"],
      "description": "### Description\n\nIBM WebSphere Application Server is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. IBM WebSphere Application Server versions 7.0, 8.0, 8.5, 9.0, and Liberty are vulnerable.\n\n### Technologies Affected\n\n * IBM Cloud Private 3.2.0 CD \n * IBM Cloud Private 3.2.1 CD \n * IBM WebSphere Application Server Liberty Profile \n * IBM Websphere Application Server 7.0 \n * IBM Websphere Application Server 8.0 \n * IBM Websphere Application Server 8.5 \n * IBM Websphere Application Server 9.0 \n * Redhat JBoss Middleware Text-Only Advisories for MIDDLEWARE 1 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nRunning server processes within a restricted environment using facilities such as chroot or jail may limit the consequences of successful exploits.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\n**Communicate sensitive information over encrypted channels.** \nEnsure that only encrypted channels are used for communicating sensitive information.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n",
      "modified": "2019-10-01T00:00:00",
      "published": "2019-10-01T00:00:00",
      "id": "SMNTC-111293",
      "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111293",
      "type": "symantec",
      "title": "IBM WebSphere Application Server CVE-2019-4441 Information Disclosure Vulnerability",
      "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}
    }
  ],
  "nessus": [
    {
      "lastseen": "2020-12-01T15:30:24",
      "description": "The IBM WebSphere Application Server running on the remote host is version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through\n8.0.0.15, 8.5.0.x prior to 8.5.5.17, or 9.0.x prior to 9.0.5.2, or Liberty prior to 19.0.0.11. It is, therefore,\naffected by an information disclosure vulnerability. An unauthenticated remote attacker can exploit this by viewing\nreturned stack traces in the browser to obtain sensitive information.",
      "edition": 17,
      "cvss3": {"score": 5.3, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},
      "published": "2019-12-16T00:00:00",
      "title": "IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.2 / Liberty < 19.0.0.11 Information Disclosure (CVE-2019-4441)",
      "type": "nessus",
      "bulletinFamily": "scanner",
      "cvelist": ["CVE-2019-4441"],
      "modified": "2019-12-16T00:00:00",
      "cpe": ["cpe:/a:ibm:websphere_application_server"],
      "id": "WEBSPHERE_CVE-2019-4441.NASL",
      "href": "https://www.tenable.com/plugins/nessus/132076",
      "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132076);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/30\");\n\n script_cve_id(\"CVE-2019-4441\");\n\n script_name(english:\"IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.2 / Liberty < 19.0.0.11 Information Disclosure (CVE-2019-4441)\");\n script_summary(english:\"Reads the version number from the SOAP and GIOP services.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web application server is affected by an information disclosure vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"The IBM WebSphere Application Server running on the remote host is version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through\n8.0.0.15, 8.5.0.x prior to 8.5.5.17, or 9.0.x prior to 9.0.5.2, or Liberty prior to 19.0.0.11. It is, therefore,\naffected by an information disclosure vulnerability. An unauthenticated remote attacker can exploit this by viewing\nreturned stack traces in the browser to obtain sensitive information.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://exchange.xforce.ibmcloud.com/vulnerabilities/163177\");\n # https://www.ibm.com/blogs/psirt/ibm-security-bulletin-information-disclosure-vulnerability-in-websphere-application-server-cve-2019-4441/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?245df746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ibm.com/support/pages/node/959023\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM WebSphere Application Server 8.5.5.17, 9.0.5.2, Liberty 19.0.0.11 or later. \nAlternatively, upgrade to the minimal fix pack levels required by the interim \nfix and then apply Interim Fix PH13983.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-4441\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:websphere_application_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"websphere_detect.nasl\", \"ibm_enum_products.nbin\", \"ibm_websphere_application_server_nix_installed.nbin\");\n script_require_keys(\"installed_sw/IBM WebSphere Application Server\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\n\napp = 'IBM WebSphere Application Server';\nfix = 'Interim Fix PH13983';\n\nget_install_count(app_name:app, exit_if_zero:TRUE);\napp_info = vcf::combined_get_app_info(app:app);\nvcf::check_granularity(app_info:app_info, sig_segments:4);\n\n# If the detection is only remote, Source will be set, and we should require paranoia\nif (!empty_or_null(app_info['Source']) && app_info['Source'] != 'unknown' && report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nif ('PH13983' >< app_info['Fixes'])\n audit(AUDIT_INST_VER_NOT_VULN, app);\n\nconstraints = [\n {'min_version':'7.0.0.0', 'max_version':'7.0.0.45', 'fixed_version':fix},\n {'min_version':'8.0.0.0', 'max_version':'8.0.0.15', 'fixed_version':fix},\n {'min_version':'8.5.0.0', 'max_version':'8.5.5.16', 'fixed_version':'8.5.5.17 or ' + fix},\n {'min_version':'9.0.0.0', 'max_version':'9.0.5.1', 'fixed_version':'9.0.5.2 or ' + fix},\n {'min_version':'16.0.0.2', 'max_version':'19.0.0.10', 'fixed_version':'19.0.0.11 or ' + fix}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n",
      "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}
    }
  ],
  "redhat": [
    {
      "lastseen": "2019-12-09T16:28:13",
      "bulletinFamily": "unix",
      "cvelist": ["CVE-2014-3603", "CVE-2019-4441", "CVE-2019-4663"],
      "description": "Open Liberty is a lightweight open framework for building fast and efficient cloud-native Java microservices. \n\nThis release of Open Liberty 19.0.0.12 serves as a replacement for Open Liberty 19.0.0.11 and includes bug fixes, enhancements, and security fixes. For specific information about this release, see links in the References section.\n\nSecurity Fix(es):\n\n* Information disclosure vulnerability in WebSphere Application Server (CVE-2019-4441)\n\n* Man in the middle vulnerability in WebSphere Application Server Liberty (CVE-2014-3603)\n\n* (CVE-2019-4663)\n\nFor more details about the security issue(s), see the IBM Security Bulletin links for each CVE, listed in the References section.",
      "modified": "2019-12-09T20:15:28",
      "published": "2019-12-09T20:15:03",
      "id": "RHSA-2019:4117",
      "href": "https://access.redhat.com/errata/RHSA-2019:4117",
      "type": "redhat",
      "title": "(RHSA-2019:4117) Moderate: Open Liberty 19.0.0.12 Runtime security update",
      "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}
    }
  ]
}