Lucene search
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.WEBSPHERE_PORTAL_CVE-2013-3016.NASLHistoryApr 07, 2014 - 12:00 a.m.
IBM WebSphere Portal Unauthorized User Directory Access
2014-04-0700:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
53.6%
The version of WebSphere Portal on the remote host may be affected by an unauthorized user directory access vulnerability. An attacker could manipulate URLs and gain access to sensitive files.
Note that Nessus was unable to determine if the workaround in IBM’s advisory has been applied. Determining if an actual security risk exists requires manual verification.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(73384);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2013-3016");
script_bugtraq_id(61902);
script_name(english:"IBM WebSphere Portal Unauthorized User Directory Access");
script_summary(english:"Checks the installed version.");
script_set_attribute(attribute:"synopsis", value:
"The remote Windows host has web portal software installed that is
affected by a directory access vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of WebSphere Portal on the remote host may be affected by
an unauthorized user directory access vulnerability. An attacker could
manipulate URLs and gain access to sensitive files.
Note that Nessus was unable to determine if the workaround in IBM's
advisory has been applied. Determining if an actual security risk
exists requires manual verification.");
# https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_websphere_portal_vulnerable_to_unauthorized_access_to_user_directory_cve_2013_3016?lang=en_us
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e18521ae");
script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21647344");
script_set_attribute(attribute:"solution", value:
"IBM has published a workaround. Refer to IBM's advisory for more
information.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-3016");
script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/08/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/07");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_portal");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("websphere_portal_installed.nbin");
script_require_keys("installed_sw/IBM WebSphere Portal", "Settings/ParanoidReport");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("install_func.inc");
include("misc_func.inc");
# A workaround is available
if (report_paranoia < 2) audit(AUDIT_PARANOID);
app_name = "IBM WebSphere Portal";
installs = get_installs(app_name:app_name);
if (install[0] == IF_NOT_FOUND) audit(AUDIT_NOT_INST, app_name);
affected = make_array();
unaffected = make_array();
errors = NULL;
# Check each install
foreach install (installs[1])
{
version = install['version'];
path = install['path'];
# Validate variables
if (!path)
{
errors += '\tFailed to get path for ' + app_name + '.';
continue;
}
if (!version)
{
errors += '\tFailed to get version of ' + app_name + ' under ' + path + '.';
continue;
}
if (version == UNKNOWN_VER)
{
errors +=
'\tThe version of ' + app_name + ' located at ' + path + ' is unknown.\n';
continue;
}
# Check for affected versions
if (version =~ "^[678]\.")
affected[path] = version;
else
unaffected[path] = version;
}
# Affected install(s)
if (max_index(keys(affected)) > 0)
{
report = '\nThe following ' + app_name + ' installs may be affected :\n';
foreach key (keys(affected))
report += '\n Version : ' + affected[key] + ' installed under ' + key;
port = get_kb_item("SMB/transport");
if (!port) port = 445;
if (report_verbosity > 0)
{
report +=
'\n Fixed version : See Solution' +
'\n';
security_warning(port:port, extra:report);
}
else security_warning(port);
}
# Unaffected installs
else if (max_index(keys(unaffected)) > 0)
{
foreach key (keys(unaffected))
info += '\n\tVersion ' + unaffected[key] + ' installed at ' + key;
exit(0, 'The following installs of WebSphere Portal are not affected :\n' + info);
}
# Errors
else if (errors)
exit(1, 'The following error(s) occurred :\n' + errors);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_portal | cpe:/a:ibm:websphere_portal |
Related
prion
prion
Design/Logic Flaw
2013-08-21 16:55:00
cve
cve
CVE-2013-3016
2013-08-21 16:55:11
cvelist
cvelist
CVE-2013-3016
2013-08-21 16:00:00
nvd
nvd
CVE-2013-3016
2013-08-21 16:55:11
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
53.6%
Related for WEBSPHERE_PORTAL_CVE-2013-3016.NASL