SB2018022717 - Multiple vulnerabilities in IBM WebSphere Portal
Published: February 27, 2018 Updated: August 8, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 7 secuirty vulnerabilities.
1) Incorrect permission assignment for critical resource (CVE-ID: CVE-2018-1420)
The vulnerability allows a remote authenticated user to manipulate data.
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. This can lead to security miss-configuration of the installation. IBM X-Force ID: 138950.
2) Improper Authentication (CVE-ID: CVE-2018-1672)
The vulnerability allows a remote authenticated user to read and manipulate data.
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user. IBM X-Force ID: 144958.
3) Cross-site scripting (CVE-ID: CVE-2018-1660)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. The vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
4) Cross-site scripting (CVE-ID: CVE-2018-1716)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. The vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
5) Open redirect (CVE-ID: CVE-2018-1736)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 147906.
6) Cross-site scripting (CVE-ID: CVE-2018-1820)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. The vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
7) Cross-site scripting (CVE-ID: CVE-2018-1416)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. The vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- http://www.securitytracker.com/id/1041767
- https://exchange.xforce.ibmcloud.com/vulnerabilities/138950
- https://www.ibm.com/support/docview.wss?uid=swg22014276
- http://www.securitytracker.com/id/1041766
- https://exchange.xforce.ibmcloud.com/vulnerabilities/144958
- https://www.ibm.com/support/docview.wss?uid=ibm10716981
- http://www.securityfocus.com/bid/105446
- http://www.securitytracker.com/id/1041755
- https://exchange.xforce.ibmcloud.com/vulnerabilities/144886
- https://www.ibm.com/support/docview.wss?uid=ibm10715923
- http://www.securitytracker.com/id/1041754
- https://exchange.xforce.ibmcloud.com/vulnerabilities/147164
- https://www.ibm.com/support/docview.wss?uid=ibm10729323
- http://www.securityfocus.com/bid/105490
- http://www.securitytracker.com/id/1041753
- https://exchange.xforce.ibmcloud.com/vulnerabilities/147906
- https://www.ibm.com/support/docview.wss?uid=ibm10729683
- http://www.securitytracker.com/id/1041751
- https://exchange.xforce.ibmcloud.com/vulnerabilities/150096
- https://www.ibm.com/support/docview.wss?uid=ibm10732287
- http://www.ibm.com/support/docview.wss?uid=swg22013706
- http://www.securityfocus.com/bid/103168
- https://exchange.xforce.ibmcloud.com/vulnerabilities/138822