IBM WebSphere Portal Cross-Site Redirection

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(100222);
  script_version("1.6");
  script_cvs_date("Date: 2019/11/13");

  script_cve_id("CVE-2017-1156");
  script_bugtraq_id(98340);

  script_name(english:"IBM WebSphere Portal Cross-Site Redirection");
  script_summary(english:"Checks for the installed patches.");

  script_set_attribute(attribute:"synopsis", value:
"The web portal application installed on remote Windows host is
affected by a cross-site redirection vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of IBM WebSphere Portal installed on the remote Windows
host is affected by a cross-site redirection vulnerability due to
improper validation of unspecified input. An unauthenticated, remote
attacker can exploit this vulnerability, by convincing a user to
follow a specially crafted link, to redirect a user from a legitimate
website to a malicious website of the attacker's choosing, in which
the attacker is able to spoof the URL that is displayed to the user.
This can allow the attacker to obtain sensitive information or to
conduct further attacks.");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg22000153");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate fixes according to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-1156");

  script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/05/02");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/05/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_portal");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("websphere_portal_installed.nbin");
  script_require_keys("installed_sw/IBM WebSphere Portal");

  exit(0);
}

include("websphere_portal_version.inc");

websphere_portal_check_version(
  ranges:make_list(
    "8.5.0.0, 8.5.0.0, CF13",
    "9.0.0.0, 9.0.0.0, CF13"
  ),
  fix:"PI77506",
  severity:SECURITY_WARNING
);