Test ID: 1.3.6.1.4.1.25623.1.0.808188
Category: Web Servers
Title: IBM WebSphere Application Server Liberty Multiple Liberty Vulnerabilities (Jul 2016)
Summary: IBM WebSphere Application Server Liberty is prone to multiple vulnerabilities.
Description:
Summary:
IBM WebSphere Application Server Liberty is prone to multiple
vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- Failure to set the 'HTTPOnly' flag in the 'JAX-RS' API.

- The 'API Discovery' feature of IBM WebSphere Application Server Liberty Profile could provide
weaker than expected security when using Swagger documents with
external references.

- Improper handling by the Admin Center.

Vulnerability Impact:
Successful exploitation may allow a remote attacker to obtain
sensitive information and may also allow remote authenticated users to gain privileges.

Affected Software/OS:
IBM WebSphere Application Server Liberty version 8.5.x through
8.5.5.9.

Solution:
See the referenced vendor advisory.

CVSS Score:
6.0

CVSS Vector:
AV:N/AC:M/Au:S/C:P/I:P/A:P

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2016-2923
AIX APAR: PI61936
http://www-01.ibm.com/support/docview.wss?uid=swg1PI61936
BugTraq ID: 91518
http://www.securityfocus.com/bid/91518
Common Vulnerability Exposure (CVE) ID: CVE-2016-2945
AIX APAR: PI62450
http://www-01.ibm.com/support/docview.wss?uid=swg1PI62450
BugTraq ID: 91517
http://www.securityfocus.com/bid/91517
Common Vulnerability Exposure (CVE) ID: CVE-2016-0389
AIX APAR: PI62052
http://www-01.ibm.com/support/docview.wss?uid=swg1PI62052
BugTraq ID: 91515
http://www.securityfocus.com/bid/91515
Copyright: Copyright (C) 2016 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.