7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.006 Low
EPSS
Percentile
78.4%
The IBM WebSphere Portal installed on the remote host is version 6.1.0.x prior to 6.1.0.6 CF27, 6.1.5.x prior to 6.1.5.3 CF27, 7.0.0.x prior to 7.0.0.2 CF29, 8.0.0.x prior to 8.0.0.1 CF16, or 8.5.0.0 prior to 8.5.0.0 CF05. It is, therefore, affected by multiple vulnerabilities :
An unspecified flaw exists due to improper validation of user-supplied input. A remote attacker, using specially crafted requests, can exploit this to cause a denial of service by consuming all memory resources. Note that this only affects hosts in which the ‘Remote Document Conversion Service’ is enabled. (CVE-2015-1886, PI37356)
An unspecified cross-site scripting vulnerability exists due to improper validation of user-supplied input. A remote attacker, using a specially crafted URL, can exploit this to execute code in a victim’s web browser within the security context of the hosted site, possibly resulting in access to the cookie-based authentication credentials. (CVE-2015-1908, PI37661)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(83055);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2015-1886", "CVE-2015-1908");
script_bugtraq_id(74216, 74218);
script_name(english:"IBM WebSphere Portal Multiple Vulnerabilities (PI37356, PI37661)");
script_summary(english:"Checks for the installed patches.");
script_set_attribute(attribute:"synopsis", value:
"The web portal software installed on the remote Windows host is
affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The IBM WebSphere Portal installed on the remote host is version
6.1.0.x prior to 6.1.0.6 CF27, 6.1.5.x prior to 6.1.5.3 CF27, 7.0.0.x
prior to 7.0.0.2 CF29, 8.0.0.x prior to 8.0.0.1 CF16, or 8.5.0.0 prior
to 8.5.0.0 CF05. It is, therefore, affected by multiple
vulnerabilities :
- An unspecified flaw exists due to improper validation of
user-supplied input. A remote attacker, using specially
crafted requests, can exploit this to cause a denial of
service by consuming all memory resources. Note that
this only affects hosts in which the 'Remote Document
Conversion Service' is enabled. (CVE-2015-1886, PI37356)
- An unspecified cross-site scripting vulnerability exists
due to improper validation of user-supplied input. A
remote attacker, using a specially crafted URL, can
exploit this to execute code in a victim's web browser
within the security context of the hosted site, possibly
resulting in access to the cookie-based authentication
credentials. (CVE-2015-1908, PI37661)");
script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?uid=swg21701566");
script_set_attribute(attribute:"solution", value:
"Upgrade IBM WebSphere Portal as noted in the referenced IBM advisory.
- Versions 6.1.0.x should upgrade to 6.1.0.6 CF27 and then
apply interim fixes PI37356 and PI37661.
- Versions 6.1.5.x should upgrade to 6.1.5.3 CF27 and then
apply interim fixes PI37356 and PI37661.
- Versions 7.0.0.x should upgrade to 7.0.0.2 CF29 and then
apply interim fixes PI37356 and PI37661.
- Versions 8.0.0.x should upgrade to 8.0.0.1 CF16.
- Versions 8.5.0.x should upgrade to 8.5.0.0 CF05 and then
apply interim fixes PI37356 and PI37661.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/04/20");
script_set_attribute(attribute:"patch_publication_date", value:"2015/04/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/04/24");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_portal");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
script_dependencies("websphere_portal_installed.nbin");
script_require_keys("installed_sw/IBM WebSphere Portal");
exit(0);
}
include("websphere_portal_version.inc");
fixes = make_list("PI37356", "PI37661");
websphere_portal_check_version(
checks:make_array(
"8.5.0.0, 8.5.0.0, CF05", fixes,
"8.0.0.0, 8.0.0.1, CF16", fixes,
"7.0.0.0, 7.0.0.2, CF29", fixes,
"6.1.5.0, 6.1.5.3, CF27", fixes,
"6.1.0.0, 6.1.0.6, CF27", fixes
),
severity:SECURITY_WARNING,
xss: TRUE
);
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | websphere_portal | cpe:/a:ibm:websphere_portal |