Web Servers : IBM WebSphere Application Server Multiple Vulnerabilities (487947)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.806847

Kategorie: Web Servers

Titel: IBM WebSphere Application Server Multiple Vulnerabilities (487947)

Zusammenfassung: IBM WebSphere Application Server is prone to multiple; vulnerabilities.

Beschreibung: Summary:
IBM WebSphere Application Server is prone to multiple
vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An improper validation of user accounts when a Local OS registry is used.

- An improper validation of input by the Administrative console.

- The buffer overflow vulnerability when a local OS registry is used in conjunction with
WebSphere Identity Manager.

- The directory traversal vulnerability in the Administrative Console

Vulnerability Impact:
Successful exploitation will allow remote attacker to modify
data, to bypass intended access restrictions, to inject arbitrary web script or HTML and to cause
a denial of service.

Affected Software/OS:
IBM WebSphere Application Server version 6.1.x prior to
6.1.0.47, 7.0.x prior to 7.0.0.29, 8.0.x prior to 8.0.0.6 and 8.5.x prior to 8.5.0.2.

Solution:
Update to version 6.1.0.47, 7.0.0.29, 8.0.0.6, 8.5.0.2 or
later.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-0544
AIX APAR: PM82468
http://www-01.ibm.com/support/docview.wss?uid=swg1PM82468
XForce ISS Database: was-cve20130544-dir-traversal(82760)
https://exchange.xforce.ibmcloud.com/vulnerabilities/82760
Common Vulnerability Exposure (CVE) ID: CVE-2013-0543
AIX APAR: PM75582
http://www-01.ibm.com/support/docview.wss?uid=swg1PM75582
XForce ISS Database: was-cve20130543-sec-bypass(82759)
https://exchange.xforce.ibmcloud.com/vulnerabilities/82759
Common Vulnerability Exposure (CVE) ID: CVE-2013-0542
AIX APAR: PM81846
http://www-01.ibm.com/support/docview.wss?uid=swg1PM81846
XForce ISS Database: was-cve20130542-xss(82697)
https://exchange.xforce.ibmcloud.com/vulnerabilities/82697
Common Vulnerability Exposure (CVE) ID: CVE-2013-0541
AIX APAR: PM74909
http://www-01.ibm.com/support/docview.wss?uid=swg1PM74909
XForce ISS Database: was-cve20130541-dos(82696)
https://exchange.xforce.ibmcloud.com/vulnerabilities/82696

Copyright Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.806847
Kategorie:	Web Servers
Titel:	IBM WebSphere Application Server Multiple Vulnerabilities (487947)
Zusammenfassung:	IBM WebSphere Application Server is prone to multiple; vulnerabilities.
Beschreibung:	Summary: IBM WebSphere Application Server is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An improper validation of user accounts when a Local OS registry is used. - An improper validation of input by the Administrative console. - The buffer overflow vulnerability when a local OS registry is used in conjunction with WebSphere Identity Manager. - The directory traversal vulnerability in the Administrative Console Vulnerability Impact: Successful exploitation will allow remote attacker to modify data, to bypass intended access restrictions, to inject arbitrary web script or HTML and to cause a denial of service. Affected Software/OS: IBM WebSphere Application Server version 6.1.x prior to 6.1.0.47, 7.0.x prior to 7.0.0.29, 8.0.x prior to 8.0.0.6 and 8.5.x prior to 8.5.0.2. Solution: Update to version 6.1.0.47, 7.0.0.29, 8.0.0.6, 8.5.0.2 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0544 AIX APAR: PM82468 http://www-01.ibm.com/support/docview.wss?uid=swg1PM82468 XForce ISS Database: was-cve20130544-dir-traversal(82760) https://exchange.xforce.ibmcloud.com/vulnerabilities/82760 Common Vulnerability Exposure (CVE) ID: CVE-2013-0543 AIX APAR: PM75582 http://www-01.ibm.com/support/docview.wss?uid=swg1PM75582 XForce ISS Database: was-cve20130543-sec-bypass(82759) https://exchange.xforce.ibmcloud.com/vulnerabilities/82759 Common Vulnerability Exposure (CVE) ID: CVE-2013-0542 AIX APAR: PM81846 http://www-01.ibm.com/support/docview.wss?uid=swg1PM81846 XForce ISS Database: was-cve20130542-xss(82697) https://exchange.xforce.ibmcloud.com/vulnerabilities/82697 Common Vulnerability Exposure (CVE) ID: CVE-2013-0541 AIX APAR: PM74909 http://www-01.ibm.com/support/docview.wss?uid=swg1PM74909 XForce ISS Database: was-cve20130541-dos(82696) https://exchange.xforce.ibmcloud.com/vulnerabilities/82696
Copyright	Copyright (C) 2016 Greenbone AG