SB2013111303 - Multiple vulnerabilities in IBM WebSphere Portal
Published: November 13, 2013 Updated: August 10, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 22 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2014-4808)
The vulnerability allows a remote #AU# to read and manipulate data.
Unspecified vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 allows remote authenticated users to execute arbitrary code via unknown vectors.
2) Resource management error (CVE-ID: CVE-2014-0949)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to cause a denial of service (resource consumption and daemon crash) via a crafted web request.
3) Cross-site scripting (CVE-ID: CVE-2014-0951)
Vulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in FilterForm.jsp in IBM WebSphere Portal 7.0 before 7.0.0.2 CF28 and 8.0 before 8.0.0.1 CF12. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
4) Cross-site scripting (CVE-ID: CVE-2014-0952)
Vulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in boot_config.jsp in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF28, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
5) Input validation error (CVE-ID: CVE-2014-0954)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 does not validate JSP includes, which allows remote attackers to obtain sensitive information, bypass intended request-dispatcher access restrictions, or cause a denial of service (memory consumption) via a crafted URL.
6) Cross-site scripting (CVE-ID: CVE-2014-0955)
Vulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in IBM WebSphere Portal 8.0 before 8.0.0.1 CF12, when Social Rendering in Connections integration is enabled,. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
7) Cross-site scripting (CVE-ID: CVE-2014-0956)
Vulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in googlemap.jsp in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
8) Input validation error (CVE-ID: CVE-2014-0958)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Open redirect vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. CWE-601: URL Redirection to Untrusted Site ('Open Redirect') http://cwe.mitre.org/data/definitions/601.html
9) Input validation error (CVE-ID: CVE-2014-0959)
The vulnerability allows a remote #AU# to perform service disruption.
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote authenticated users to cause a denial of service (infinite loop) via a login redirect.
10) Cross-site scripting (CVE-ID: CVE-2014-0917)
Vulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
11) Path traversal (CVE-ID: CVE-2014-0918)
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06. A remote authenticated attacker can send a specially crafted HTTP request and remote attackers to read arbitrary files via a crafted URL.
12) Cross-site scripting (CVE-ID: CVE-2014-0901)
Vulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in the Social Rendering implementation in the IBM Connections integration in IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF11. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
13) Cross-site scripting (CVE-ID: CVE-2014-0828)
Vulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in the WCM (Web Content Manager) UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1 CF11. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
14) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2013-6730)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x before 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1 CF10, when the wcm.path.traversal.security setting is enabled, allows remote attackers to bypass intended read restrictions on an item by accessing that item within search results.
15) Input validation error (CVE-ID: CVE-2013-6722)
The vulnerability allows remote attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service or modify data via unspecified vectors.
16) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2013-6316)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
IBM WebSphere Portal 7.0.0.x before 7.0.0.2 CF26 and 8.0.0.x before 8.0.0.1 CF09 does not properly handle content-selection changes during Taxonomy component rendering, which allows remote attackers to obtain sensitive property information in opportunistic circumstances by leveraging an error in a Web Content Manager (WCM) context processor.
17) Cross-site scripting (CVE-ID: CVE-2013-6328)
Vulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in the Web Content Manager (WCM) UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x before 8.0.0.1 CF09. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
18) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2013-6723)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
IBM WebSphere Portal 8.0.0.1 before CF09 does not properly handle references in compute="always" Web Content Manager (WCM) navigator components, which allows remote attackers to obtain sensitive component information via unspecified vectors.
19) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2013-6735)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x through 8.0.0.1 CF08 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a modified Web Content Manager (WCM) URL.
20) Information disclosure (CVE-ID: CVE-2013-5454)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
IBM WebSphere Portal 6.0 through 6.0.1.7, 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF25, and 8.0 through 8.0.0.1 CF08 allows remote attackers to read arbitrary files via a modified URL.
21) Cross-site scripting (CVE-ID: CVE-2013-5378)
Vulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in IBM WebSphere Portal 8.x before 8.0.0.1 CF8. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
22) Cross-site scripting (CVE-ID: CVE-2013-5379)
Vulnerability allows a remote attacker to perform Cross-site scripting attacks.
An input validation error exists in IBM WebSphere Portal 7.x before 7.0.0.2 CF25 and 8.x before 8.0.0.1 CF8. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- http://secunia.com/advisories/59740
- http://www.securityfocus.com/bid/70757
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI25993
- http://www-01.ibm.com/support/docview.wss?uid=swg21684651
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95375
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI15692
- http://www-01.ibm.com/support/docview.wss?uid=swg21672572
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92622
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI15690
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92624
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI16041
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92625
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI15723
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92627
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI15583
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92628
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI16040
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92629
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI15689
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92739
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI16462
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92741
- http://www.securityfocus.com/bid/67339
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI14125
- http://www-01.ibm.com/support/docview.wss?uid=swg21670753
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91979
- http://www.securityfocus.com/bid/67340
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91980
- http://www.securityfocus.com/bid/66559
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI12659
- http://www-01.ibm.com/support/docview.wss?uid=swg21667016
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91398
- http://www.securityfocus.com/bid/66556
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI10734
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90566
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI07185
- http://www-01.ibm.com/support/docview.wss?uid=swg21665915
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89363
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI07013
- http://www-01.ibm.com/support/docview.wss?uid=swg21662873
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89235
- http://osvdb.org/101270
- http://www.securityfocus.com/bid/64492
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI04897
- http://www-01.ibm.com/support/docview.wss?uid=swg21660011
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88597
- http://osvdb.org/101269
- http://www.securityfocus.com/bid/64495
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM96345
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88909
- http://osvdb.org/101271
- http://www.securityfocus.com/bid/64488
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI05684
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89278
- http://osvdb.org/101255
- http://packetstormsecurity.com/files/124611/IBM-Web-Content-Manager-XPath-Injection.html
- http://secunia.com/advisories/56161
- http://www.securityfocus.com/archive/1/530552/100/0/threaded
- http://www.securityfocus.com/bid/64496
- http://www.securitytracker.com/id/1029539
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI07777
- http://www-01.ibm.com/support/docview.wss?uid=swg21660289
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89591
- https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_fix_available_for_unauthorized_information_retrieval_security_vulnerability_in_ibm_websphere_portal_cve_2013_6735
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM99205
- http://www-01.ibm.com/support/docview.wss?uid=swg21655656
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88253
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM95802
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM95881
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM97593
- http://www-01.ibm.com/support/docview.wss?uid=swg21655634
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86929
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM96047
- http://www-01.ibm.com/support/docview.wss?uid=swg21655635
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86930