Lucene search

IBM6D303B9B759D915E602235C41DDCD79F0FAC32B1E335F7E9AAD35C7C07956DE8

HistoryJun 15, 2018 - 7:05 a.m.

Security Bulletin: Bypass security restrictions in WebSphere Application Server (CVE-2016-0385)

2018-06-1507:05:34

www.ibm.com

3.1 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

JSON

Summary

There is a potential bypass security restriction vulnerability in IBM WebSphere Application Server. This will only occur in environments that have the webcontainer custom property HttpSessionIdReuse enabled.

Vulnerability Details

CVEID: CVE-2016-0385**
DESCRIPTION:** IBM WebSphere Application Server could allow a remote attacker to bypass security restrictions caused by a buffer overflow. This could allow the attacker to view unauthorized data.
CVSS Base Score: 3.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/112359 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

This vulnerability affects the following versions and releases of IBM WebSphere Application Server

- Liberty
Version 9.0
Version 8.5.5
Version 8.5
Version 8.0
Version 7.0

Remediation/Fixes

The recommended solution is to apply the interim fix, Fix Pack or PTF containing APAR PI60026 for each named product as soon as practical. **

For WebSphere Application Server:** **
For Liberty:**
· Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix PI60026
--OR–
· Apply Fix Pack 16.0.0.3 or later.
**
For V9.0.0.0:**
· Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix PI60026

--OR–
· Apply Fix Pack 9.0.0.1 or later.

For V8.5.0.0 through 8.5.5.9:
· Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix PI60026

--OR–
· Apply Fix Pack 8.5.5.10 or later.

For V8.0.0.0 through 8.0.0.12:
· Upgrade to a minimal fix pack levels as required by interim fix and then apply Interim Fix PI60026

--OR–
· Apply Fix Pack 8.0.0.13 or later. **

For V7.0.0.0 through 7.0.0.41:**
· Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix PI60026

--OR–
· Apply Fix Pack 7.0.0.43 or later.

Workarounds and Mitigations

Setting the webcontainer property HttpSessionIdReuse to false will mitigate this issue.

CPENameOperatorVersion
websphere application servereq8.5.5
websphere application servereq8.5
websphere application servereq8.0
websphere application servereq7.0
websphere application server hypervisor editioneqany
websphere application server liberty coreeqany

Name	Operator	Version
websphere application server	eq	8.5.5
websphere application server	eq	8.5
websphere application server	eq	8.0
websphere application server	eq	7.0
websphere application server hypervisor edition	eq	any
websphere application server liberty core	eq	any

3.1 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

JSON

Related for 6D303B9B759D915E602235C41DDCD79F0FAC32B1E335F7E9AAD35C7C07956DE8