Web Servers : IBM WebSphere Application Server Multiple Vulnerabilities (487947)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.806847

Categoría: Web Servers

Título: IBM WebSphere Application Server Multiple Vulnerabilities (487947)

Resumen: IBM WebSphere Application Server is prone to multiple; vulnerabilities.

Descripción: Summary:
IBM WebSphere Application Server is prone to multiple
vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An improper validation of user accounts when a Local OS registry is used.

- An improper validation of input by the Administrative console.

- The buffer overflow vulnerability when a local OS registry is used in conjunction with
WebSphere Identity Manager.

- The directory traversal vulnerability in the Administrative Console

Vulnerability Impact:
Successful exploitation will allow remote attacker to modify
data, to bypass intended access restrictions, to inject arbitrary web script or HTML and to cause
a denial of service.

Affected Software/OS:
IBM WebSphere Application Server version 6.1.x prior to
6.1.0.47, 7.0.x prior to 7.0.0.29, 8.0.x prior to 8.0.0.6 and 8.5.x prior to 8.5.0.2.

Solution:
Update to version 6.1.0.47, 7.0.0.29, 8.0.0.6, 8.5.0.2 or
later.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-0544
AIX APAR: PM82468
http://www-01.ibm.com/support/docview.wss?uid=swg1PM82468
XForce ISS Database: was-cve20130544-dir-traversal(82760)
https://exchange.xforce.ibmcloud.com/vulnerabilities/82760
Common Vulnerability Exposure (CVE) ID: CVE-2013-0543
AIX APAR: PM75582
http://www-01.ibm.com/support/docview.wss?uid=swg1PM75582
XForce ISS Database: was-cve20130543-sec-bypass(82759)
https://exchange.xforce.ibmcloud.com/vulnerabilities/82759
Common Vulnerability Exposure (CVE) ID: CVE-2013-0542
AIX APAR: PM81846
http://www-01.ibm.com/support/docview.wss?uid=swg1PM81846
XForce ISS Database: was-cve20130542-xss(82697)
https://exchange.xforce.ibmcloud.com/vulnerabilities/82697
Common Vulnerability Exposure (CVE) ID: CVE-2013-0541
AIX APAR: PM74909
http://www-01.ibm.com/support/docview.wss?uid=swg1PM74909
XForce ISS Database: was-cve20130541-dos(82696)
https://exchange.xforce.ibmcloud.com/vulnerabilities/82696

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.806847
Categoría:	Web Servers
Título:	IBM WebSphere Application Server Multiple Vulnerabilities (487947)
Resumen:	IBM WebSphere Application Server is prone to multiple; vulnerabilities.
Descripción:	Summary: IBM WebSphere Application Server is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An improper validation of user accounts when a Local OS registry is used. - An improper validation of input by the Administrative console. - The buffer overflow vulnerability when a local OS registry is used in conjunction with WebSphere Identity Manager. - The directory traversal vulnerability in the Administrative Console Vulnerability Impact: Successful exploitation will allow remote attacker to modify data, to bypass intended access restrictions, to inject arbitrary web script or HTML and to cause a denial of service. Affected Software/OS: IBM WebSphere Application Server version 6.1.x prior to 6.1.0.47, 7.0.x prior to 7.0.0.29, 8.0.x prior to 8.0.0.6 and 8.5.x prior to 8.5.0.2. Solution: Update to version 6.1.0.47, 7.0.0.29, 8.0.0.6, 8.5.0.2 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0544 AIX APAR: PM82468 http://www-01.ibm.com/support/docview.wss?uid=swg1PM82468 XForce ISS Database: was-cve20130544-dir-traversal(82760) https://exchange.xforce.ibmcloud.com/vulnerabilities/82760 Common Vulnerability Exposure (CVE) ID: CVE-2013-0543 AIX APAR: PM75582 http://www-01.ibm.com/support/docview.wss?uid=swg1PM75582 XForce ISS Database: was-cve20130543-sec-bypass(82759) https://exchange.xforce.ibmcloud.com/vulnerabilities/82759 Common Vulnerability Exposure (CVE) ID: CVE-2013-0542 AIX APAR: PM81846 http://www-01.ibm.com/support/docview.wss?uid=swg1PM81846 XForce ISS Database: was-cve20130542-xss(82697) https://exchange.xforce.ibmcloud.com/vulnerabilities/82697 Common Vulnerability Exposure (CVE) ID: CVE-2013-0541 AIX APAR: PM74909 http://www-01.ibm.com/support/docview.wss?uid=swg1PM74909 XForce ISS Database: was-cve20130541-dos(82696) https://exchange.xforce.ibmcloud.com/vulnerabilities/82696
Copyright	Copyright (C) 2016 Greenbone AG