Lucene search
K

IBM WebSphere Application Server 8.5.x < 8.5.5.31 / 9.x < 9.0.5.29 (7278590)

🗓️ 01 Jul 2026 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 3 Views

IBM WebSphere Server 8.5.x and 9.x have admin console help vulnerabilities: cross-site scripting and information disclosure.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by multiple vulnerabilities
8 Jul 202613:09
ibm
IBM Security Bulletins
Security Bulletin: Security vulnerabilities have been found in WebSphere Application Server shipped with IBM Guardium Key Lifecycle Manager (SKLM/GKLM)
3 Jul 202608:31
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server is affected by multiple vulnerabilities (CVE-2026-11712, CVE-2026-11595, CVE-2026-11708)
30 Jun 202617:25
ibm
IBM Security Bulletins
Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Businsess Automation Workflow (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171,CVE-2026-11712, CVE-2026-11595, CVE-2026-11708)
2 Jul 202609:52
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by multiple vulnerabilities (CVE-2026-11712, CVE-2026-11595, CVE-2026-11708)
7 Jul 202620:55
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by multiple vulnerabilities (CVE-2026-11712, CVE-2026-11595, CVE-2026-11708)
7 Jul 202620:56
ibm
IBM Security Bulletins
Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server which is affected by multiple vulnerabilities
8 Jul 202611:27
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2026-11712, CVE-2026-11595, CVE-2026-11708)
7 Jul 202619:15
ibm
IBM Security Bulletins
Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by multiple vulnerabilities (CVE-2026-11712, CVE-2026-11595, CVE-2026-11708)
7 Jul 202620:57
ibm
ATTACKERKB
CVE-2026-11595
30 Jun 202619:50
attackerkb
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(324010);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/07/03");

  script_cve_id("CVE-2026-11595", "CVE-2026-11708", "CVE-2026-11712");

  script_name(english:"IBM WebSphere Application Server 8.5.x < 8.5.5.31 / 9.x < 9.0.5.29 (7278590)");

  script_set_attribute(attribute:"synopsis", value:
"The remote web application server is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of IBM WebSphere Application Server running on the remote host is affected by multiple vulnerabilities as
referenced in the 7278590 advisory.

  - IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the
    administrative console help system. (CVE-2026-11712)

  - IBM WebSphere Application Server 9.0, and 8.5 could allow a remote attacker to obtain sensitive
    information from the administrative console's integrated help system. (CVE-2026-11595)

  - IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the
    administrative console's integrated help system. (CVE-2026-11708)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/support/pages/node/7278590");
  script_set_attribute(attribute:"solution", value:
"Update to IBM WebSphere Application Server version 8.5.5.31, 9.0.5.29 or later. Alternatively, upgrade to the minimal
fix pack levels required by the interim fix and then apply Interim Fix PH71756.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-11712");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2026-11595");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2026/06/30");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/06/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/07/01");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_application_server");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("websphere_detect.nasl", "ibm_enum_products.nbin", "ibm_websphere_application_server_nix_installed.nbin", "ibm_websphere_application_server_win_installed.nbin");
  script_require_keys("installed_sw/IBM WebSphere Application Server");

  exit(0);
}

include('vcf.inc');

var app = 'IBM WebSphere Application Server';
var app_info = vcf::combined_get_app_info(app:app);
vcf::check_granularity(app_info:app_info, sig_segments:4);

# If the detection is only remote, Source will be set, and we should require paranoia
var require_paranoid = FALSE;
if (!empty_or_null(app_info['Source']) && app_info['Source'] != 'unknown' && report_paranoia < 2)
  require_paranoid = TRUE;

if ('PH71756' >< app_info['Fixes'])
  audit(AUDIT_INST_VER_NOT_VULN, app);

var constraints = [
  { 'min_version' : '8.5.0.0', 'fixed_version' : '8.5.5.31', 'fixed_display' : '8.5.5.31 or Interim Fix PH71756' },
  { 'min_version' : '9.0.0.0', 'fixed_version' : '9.0.5.29', 'fixed_display' : '9.0.5.29 or Interim Fix PH71756' }
];

vcf::check_version_and_report(
    app_info:app_info,
    constraints:constraints,
    severity:SECURITY_HOLE,
    require_paranoia:require_paranoid,
    flags:{'xss':TRUE}
);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

03 Jul 2026 00:00Current
5.9Medium risk
Vulners AI Score5.9
CVSS 3.17.5 - 9.3
EPSS0.00474
SSVC
3