5 - VU#375127

Executive Summary

Summary
Title	IBM WebSphere Portal Server input validation vulnerability

Informations
Name	VU#375127	First vendor Publication	2011-02-23
Vendor	VU-CERT	Last vendor Modification	2011-02-23
Severity (Vendor)	N/A	Revision	M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#375127

IBM WebSphere Portal Server input validation vulnerability

Overview

IBM WebSphere Portal Server does not validate entry path inputted data.

I. Description

From the IBM Portal website: "IBM WebSphere Portal software provides a composite application or business mashup framework and the advanced tooling needed to build flexible, SOA-based solutions, as well as the unmatched scalability required by any size organization." IBM WebSphere Portal Server is vulnerable to data leakage caused by missing input validation on inputted entry path transmitted via XML.

II. Impact

An attacker with valid login credentials could leverage this vulnerability to retrieve system information, such as /etc/passwd.

III. Solution

Apply an update

According to IBM's website patches have been issued to address this vulnerability.
Restrict access

Restrict network access to the IBM WebSphere Portal software and other devices using open protocols like HTTP.

Vendor Information

Vendor	Status	Date Notified	Date Updated
IBM Corporation	Affected	2010-11-01	2011-01-21

References

http://www.ibm.com/eserver/support/fixes/fixcentral/swgquickorder?apar=PM25698&productid=WebSphere%20Portal&brandid=5
http://www-01.ibm.com/support/docview.wss?uid=swg21460422

Credit

Thanks to Peter Brauchle from Daimler TSS Technical Security for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

Date Public:	2011-01-20
Date First Published:	2011-02-23
Date Last Updated:	2011-02-23
CERT Advisory:
CVE-ID(s):
NVD-ID(s):
US-CERT Technical Alerts:
Severity Metric:	3.60
Document Revision:	28

Original Source

Url : http://www.kb.cert.org/vuls/id/375127

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-200	Information Exposure

CPE : Common Platform Enumeration

Type	Description	Count
Application	Ibm Websphere Portal cpe:2.3:a:ibm:websphere_portal:7.0.0.0:::::::* cpe:2.3:a:ibm:websphere_portal:6.1.5.0:::::::* cpe:2.3:a:ibm:websphere_portal:6.1.0.3:::::::* cpe:2.3:a:ibm:websphere_portal:6.1.0.2:::::::* cpe:2.3:a:ibm:websphere_portal:6.1.0.1:::::::* cpe:2.3:a:ibm:websphere_portal:6.1.0.0:::::::* cpe:2.3:a:ibm:websphere_portal:6.0.1.7:::::::* cpe:2.3:a:ibm:websphere_portal:6.0.1.6:::::::* cpe:2.3:a:ibm:websphere_portal:6.0.1.5:::::::* cpe:2.3:a:ibm:websphere_portal:6.0.1.4:::::::* cpe:2.3:a:ibm:websphere_portal:6.0.1.3:::::::* cpe:2.3:a:ibm:websphere_portal:6.0.1.2:::::::* cpe:2.3:a:ibm:websphere_portal:6.0.1.1:::::::*	13

Open Source Vulnerability Database (OSVDB)

Id	Description
70688	IBM WebSphere Portal Modified Message Unspecified Information Disclosure IBM WebSphere Portal contains an unspecified flaw that may allow an attacker to use a crafted message to disclose certain information. No further details have been provided.

Global Informations

Type	Count
CWE ID(s)	1
CPE ID(s)	13
osvdb(s)	1

	Related
5	CVE-2011-0679
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)