#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(324627);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/07/04");
script_cve_id(
"CVE-2019-11358",
"CVE-2020-7656",
"CVE-2020-11023",
"CVE-2021-41182",
"CVE-2021-41183",
"CVE-2021-41184",
"CVE-2022-31160"
);
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2025/02/13");
script_xref(name:"CEA-ID", value:"CEA-2021-0025");
script_xref(name:"CEA-ID", value:"CEA-2021-0004");
script_name(english:"IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7278745)");
script_set_attribute(attribute:"synopsis", value:
"The remote web application server is affected by multiple vulnerabilities");
script_set_attribute(attribute:"description", value:
"The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6 IBM. It is, therefore,
affected by multiple vulnerabilities as referenced in the 7278745 advisory.
- jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of
jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a
checkboxradio widget on an input enclosed within a label makes that parent label contents considered as
the input label. Calling `.checkboxradio( refresh )` on such a widget and the initial HTML contained
encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing
JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can
change the initial HTML can wrap all the non-input contents of the `label` in a `span`. (CVE-2022-31160)
- jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of
the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is
fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A
workaround is to not accept the value of the `of` option from untrusted sources. (CVE-2021-41184)
- In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option>
elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods
(i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
(CVE-2020-11023)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/support/pages/node/7278745");
script_set_attribute(attribute:"solution", value:
"Please see vendor advisory for details.");
script_set_attribute(attribute:"agent", value:"unix");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N");
script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:A");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-41184");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-31160");
script_set_attribute(attribute:"cvss4_score_source", value:"CVE-2020-7656");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/09");
script_set_attribute(attribute:"patch_publication_date", value:"2026/07/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/07/02");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_extreme_scale");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Web Servers");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ibm_websphere_extreme_scale_nix_installed.nbin");
script_require_keys("installed_sw/IBM WebSphere eXtreme Scale", "Settings/ParanoidReport");
exit(0);
}
include('vcf.inc');
var app_info = vcf::get_app_info(app:'IBM WebSphere eXtreme Scale');
if (app_info['version'] =~ "^8\.6\.1" && report_paranoia < 2)
audit(AUDIT_PARANOID);
vcf::check_granularity(app_info:app_info, sig_segments:3);
var constraints = [
{ 'min_version' : '8.6.1.0', 'fixed_version' : '8.6.1.6', 'missing_patch' : 'PH70967', 'fixed_display' : 'Please see vendor advisory for details.' }
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING,
flags:{'xss':TRUE}
);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation