Lucene search

K

IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.4 RCE (6258333)

๐Ÿ—“๏ธย 27 Aug 2020ย 00:00:00Reported byย This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.Typeย 
nessus
ย nessus
๐Ÿ”—ย www.tenable.com๐Ÿ‘ย 146ย Views

The IBM WebSphere Application Server is affected by a remote code execution vulnerability

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
Prion
Code injection
13 Aug 202012:15
โ€“prion
IBM Security Bulletins
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2020-4589)
31 Aug 202013:08
โ€“ibm
IBM Security Bulletins
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2020-4589)
11 Nov 202013:45
โ€“ibm
IBM Security Bulletins
Security Bulletin: Embedded WebSphere Application Server traditional is vulnerable to a remote code execution vulnerability affects Content Collector for Email
28 Oct 202017:40
โ€“ibm
IBM Security Bulletins
Security Bulletin: A security vulnerability has been identified in embedded IBM WebSphere Application Server which is shipped with IBM Tivoli Netcool Configuration Manager (CVE-2020-4589)
11 Nov 202013:47
โ€“ibm
IBM Security Bulletins
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2020-4589)
23 Sep 202004:20
โ€“ibm
IBM Security Bulletins
Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2020-4589)
26 Oct 202016:15
โ€“ibm
IBM Security Bulletins
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server traditional shipped with IBM Operations Analytics
12 Nov 202009:58
โ€“ibm
IBM Security Bulletins
Security Bulletin: WebSphere Application Server shipped with IBM WebSphere Application Server Patterns is vulnerable to a remote code execution vulnerability (CVE-2020-4589)
17 Aug 202014:23
โ€“ibm
IBM Security Bulletins
Security Bulletin: A security vulnerability has been identified in WebSphereยฎ Application Server shipped with IBMยฎ Intelligent Operations Center (CVE-2020-4589)
19 Aug 202018:09
โ€“ibm
Rows per page
#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(139871);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/10/23");

  script_cve_id("CVE-2020-4589");

  script_name(english:"IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.4 RCE (6258333)");

  script_set_attribute(attribute:"synopsis", value:
"The remote web application server is affected by remote code execution vulnerability.");
  script_set_attribute(attribute:"description", value:
"The IBM WebSphere Application Server running on the remote host is
version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through 8.0.0.15, 8.5.0.0
through to 8.5.5.17, or 9.0.0.0 through 9.0.5.4. It is, therefore,
affected by an remote code execution vulnerability. An authenticated,
remote attacker can exploit this by sending a specially crafted
sequence of serialized objects from untrusted source.");
  script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/support/pages/node/6258333");
  # https://exchange.xforce.ibmcloud.com/vulnerabilities/184585
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2d300524");
  script_set_attribute(attribute:"solution", value:
"Upgrade to IBM WebSphere Application Server 8.5.5.18, 9.0.5.5, or later. Alternatively, upgrade
to the minimal fix pack levels required by the interim fix and then apply Interim Fix PH27414.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-4589");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/08/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/08/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/08/27");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_application_server");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("websphere_detect.nasl", "ibm_enum_products.nbin", "ibm_websphere_application_server_nix_installed.nbin");
  script_require_keys("installed_sw/IBM WebSphere Application Server");

  exit(0);
}

include('vcf.inc');


app = 'IBM WebSphere Application Server';
fix = 'Interim Fix PH27414';

get_install_count(app_name:app, exit_if_zero:TRUE);
app_info = vcf::combined_get_app_info(app:app);
vcf::check_granularity(app_info:app_info, sig_segments:4);

# If the detection is only remote, Source will be set, and we should require paranoia
if (!empty_or_null(app_info['Source']) && app_info['Source'] != 'unknown' && report_paranoia < 2)
  audit(AUDIT_PARANOID);

if ('PH27414' >< app_info['Fixes'])
  audit(AUDIT_INST_VER_NOT_VULN, app);

constraints = [
  {'min_version' : '7.0.0.0', 'max_version' : '7.0.0.45', 'fixed_version' : fix},
  {'min_version' : '8.0.0.0', 'max_version' : '8.0.0.15', 'fixed_version' : fix},
  {'min_version' : '8.5.0.0', 'max_version' : '8.5.5.17', 'fixed_version' : '8.5.5.18 or ' + fix},
  {'min_version' : '9.0.0.0', 'max_version' : '9.0.5.4',  'fixed_version' : '9.0.5.5 or ' + fix}
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
27 Aug 2020 00:00Current
9.3High risk
Vulners AI Score9.3
CVSS210.0
CVSS39.8
EPSS0.009
146
.json
Report