Multiple vulnerabilities in IBM WebSphere Portal
| Risk | Medium |
| Patch available | NO |
| Number of vulnerabilities | 22 |
| CVE-ID | CVE-2014-4808 CVE-2014-0949 CVE-2014-0951 CVE-2014-0952 CVE-2014-0954 CVE-2014-0955 CVE-2014-0956 CVE-2014-0958 CVE-2014-0959 CVE-2014-0917 CVE-2014-0918 CVE-2014-0901 CVE-2014-0828 CVE-2013-6730 CVE-2013-6722 CVE-2013-6316 CVE-2013-6328 CVE-2013-6723 CVE-2013-6735 CVE-2013-5454 CVE-2013-5378 CVE-2013-5379 |
| CWE-ID | CWE-20 CWE-399 CWE-79 CWE-22 CWE-264 CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
WebSphere Portal Server applications / Application servers |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 22 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU41189
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2014-4808
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to read and manipulate data.
Unspecified vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 allows remote authenticated users to execute arbitrary code via unknown vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsWebSphere Portal: 6.1.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
https://secunia.com/advisories/59740
https://www.securityfocus.com/bid/70757
https://www-01.ibm.com/support/docview.wss?uid=swg1PI25993
https://www-01.ibm.com/support/docview.wss?uid=swg21684651
https://exchange.xforce.ibmcloud.com/vulnerabilities/95375
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Resource management error
EUVDB-ID: #VU41633
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2014-0949
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to cause a denial of service (resource consumption and daemon crash) via a crafted web request.
MitigationInstall update from vendor's website.
Vulnerable software versionsWebSphere Portal: 6.1.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg1PI15692
https://www-01.ibm.com/support/docview.wss?uid=swg21672572
https://exchange.xforce.ibmcloud.com/vulnerabilities/92622
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Cross-site scripting
EUVDB-ID: #VU41634
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2014-0951
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionVulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in FilterForm.jsp in IBM WebSphere Portal 7.0 before 7.0.0.2 CF28 and 8.0 before 8.0.0.1 CF12. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebSphere Portal: 6.1.0.6 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:7.0.0.0:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg1PI15690
https://www-01.ibm.com/support/docview.wss?uid=swg21672572
https://exchange.xforce.ibmcloud.com/vulnerabilities/92624
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Cross-site scripting
EUVDB-ID: #VU41635
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2014-0952
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionVulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in boot_config.jsp in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF28, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebSphere Portal: 6.1.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg1PI16041
https://www-01.ibm.com/support/docview.wss?uid=swg21672572
https://exchange.xforce.ibmcloud.com/vulnerabilities/92625
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU41636
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2014-0954
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 does not validate JSP includes, which allows remote attackers to obtain sensitive information, bypass intended request-dispatcher access restrictions, or cause a denial of service (memory consumption) via a crafted URL.
MitigationInstall update from vendor's website.
Vulnerable software versionsWebSphere Portal: 6.1.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg1PI15723
https://www-01.ibm.com/support/docview.wss?uid=swg21672572
https://exchange.xforce.ibmcloud.com/vulnerabilities/92627
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Cross-site scripting
EUVDB-ID: #VU41637
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2014-0955
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionVulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in IBM WebSphere Portal 8.0 before 8.0.0.1 CF12, when Social Rendering in Connections integration is enabled,. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebSphere Portal: 8.0.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:8.0.0.1:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg1PI15583
https://www-01.ibm.com/support/docview.wss?uid=swg21672572
https://exchange.xforce.ibmcloud.com/vulnerabilities/92628
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Cross-site scripting
EUVDB-ID: #VU41638
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2014-0956
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionVulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in googlemap.jsp in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebSphere Portal: 6.1.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg1PI16040
https://www-01.ibm.com/support/docview.wss?uid=swg21672572
https://exchange.xforce.ibmcloud.com/vulnerabilities/92629
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Input validation error
EUVDB-ID: #VU41639
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2014-0958
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Open redirect vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. CWE-601: URL Redirection to Untrusted Site ('Open Redirect') http://cwe.mitre.org/data/definitions/601.html
MitigationInstall update from vendor's website.
Vulnerable software versionsWebSphere Portal: 6.1.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg1PI15689
https://www-01.ibm.com/support/docview.wss?uid=swg21672572
https://exchange.xforce.ibmcloud.com/vulnerabilities/92739
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Input validation error
EUVDB-ID: #VU41640
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2014-0959
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to perform service disruption.
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote authenticated users to cause a denial of service (infinite loop) via a login redirect.
MitigationInstall update from vendor's website.
Vulnerable software versionsWebSphere Portal: 6.1.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg1PI16462
https://www-01.ibm.com/support/docview.wss?uid=swg21672572
https://exchange.xforce.ibmcloud.com/vulnerabilities/92741
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Cross-site scripting
EUVDB-ID: #VU41665
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2014-0917
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionVulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebSphere Portal: 6.1.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
https://www.securityfocus.com/bid/67339
https://www-01.ibm.com/support/docview.wss?uid=swg1PI14125
https://www-01.ibm.com/support/docview.wss?uid=swg21670753
https://exchange.xforce.ibmcloud.com/vulnerabilities/91979
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Path traversal
EUVDB-ID: #VU41666
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2014-0918
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF27, and 8.0 before 8.0.0.1 CF06. A remote authenticated attacker can send a specially crafted HTTP request and remote attackers to read arbitrary files via a crafted URL.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebSphere Portal: 6.1.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
https://www.securityfocus.com/bid/67340
https://www-01.ibm.com/support/docview.wss?uid=swg1PI14125
https://www-01.ibm.com/support/docview.wss?uid=swg21670753
https://exchange.xforce.ibmcloud.com/vulnerabilities/91980
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Cross-site scripting
EUVDB-ID: #VU41853
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2014-0901
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionVulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in the Social Rendering implementation in the IBM Connections integration in IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF11. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebSphere Portal: 8.0.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:8.0.0.1:*:*:*:*:*:*:*
https://www.securityfocus.com/bid/66559
https://www-01.ibm.com/support/docview.wss?uid=swg1PI12659
https://www-01.ibm.com/support/docview.wss?uid=swg21667016
https://exchange.xforce.ibmcloud.com/vulnerabilities/91398
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Cross-site scripting
EUVDB-ID: #VU41854
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2014-0828
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionVulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in the WCM (Web Content Manager) UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1 CF11. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebSphere Portal: 6.1.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
https://www.securityfocus.com/bid/66556
https://www-01.ibm.com/support/docview.wss?uid=swg1PI10734
https://www-01.ibm.com/support/docview.wss?uid=swg21667016
https://exchange.xforce.ibmcloud.com/vulnerabilities/90566
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU41970
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-6730
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x before 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1 CF10, when the wcm.path.traversal.security setting is enabled, allows remote attackers to bypass intended read restrictions on an item by accessing that item within search results.
MitigationInstall update from vendor's website.
Vulnerable software versionsWebSphere Portal: 6.1.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg1PI07185
https://www-01.ibm.com/support/docview.wss?uid=swg21665915
https://exchange.xforce.ibmcloud.com/vulnerabilities/89363
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Input validation error
EUVDB-ID: #VU42046
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-6722
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows remote attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service or modify data via unspecified vectors.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebSphere Portal: 7.0.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:7.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:7.0.0.2:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg1PI07013
https://www-01.ibm.com/support/docview.wss?uid=swg21662873
https://exchange.xforce.ibmcloud.com/vulnerabilities/89235
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU42215
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-6316
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
IBM WebSphere Portal 7.0.0.x before 7.0.0.2 CF26 and 8.0.0.x before 8.0.0.1 CF09 does not properly handle content-selection changes during Taxonomy component rendering, which allows remote attackers to obtain sensitive property information in opportunistic circumstances by leveraging an error in a Web Content Manager (WCM) context processor.
MitigationInstall update from vendor's website.
Vulnerable software versionsWebSphere Portal: 7.0.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:7.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:7.0.0.2:*:*:*:*:*:*:*
https://osvdb.org/101270
https://www.securityfocus.com/bid/64492
https://www-01.ibm.com/support/docview.wss?uid=swg1PI04897
https://www-01.ibm.com/support/docview.wss?uid=swg21660011
https://exchange.xforce.ibmcloud.com/vulnerabilities/88597
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Cross-site scripting
EUVDB-ID: #VU42216
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2013-6328
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionVulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in the Web Content Manager (WCM) UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x before 8.0.0.1 CF09. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebSphere Portal: 6.1.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
https://osvdb.org/101269
https://www.securityfocus.com/bid/64495
https://www-01.ibm.com/support/docview.wss?uid=swg1PM96345
https://www-01.ibm.com/support/docview.wss?uid=swg21660011
https://exchange.xforce.ibmcloud.com/vulnerabilities/88909
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU42217
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-6723
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
IBM WebSphere Portal 8.0.0.1 before CF09 does not properly handle references in compute="always" Web Content Manager (WCM) navigator components, which allows remote attackers to obtain sensitive component information via unspecified vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsWebSphere Portal: 8.0.0.1
CPE2.3 External linkshttps://osvdb.org/101271
https://www.securityfocus.com/bid/64488
https://www-01.ibm.com/support/docview.wss?uid=swg1PI05684
https://www-01.ibm.com/support/docview.wss?uid=swg21660011
https://exchange.xforce.ibmcloud.com/vulnerabilities/89278
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU42218
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-6735
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x through 8.0.0.1 CF08 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a modified Web Content Manager (WCM) URL.
MitigationInstall update from vendor's website.
Vulnerable software versionsWebSphere Portal: 6.0.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.0.1.0:*:*:*:*:*:*:*
https://osvdb.org/101255
https://packetstormsecurity.com/files/124611/IBM-Web-Content-Manager-XPath-Injection.html
https://secunia.com/advisories/56161
https://www.securityfocus.com/archive/1/530552/100/0/threaded
https://www.securityfocus.com/bid/64496
https://www.securitytracker.com/id/1029539
https://www-01.ibm.com/support/docview.wss?uid=swg1PI07777
https://www-01.ibm.com/support/docview.wss?uid=swg21660289
https://exchange.xforce.ibmcloud.com/vulnerabilities/89591
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_fix_available_for_unauthorized_information_retrieval_security_vulnerability_in_ibm_websphere_portal_cve_2013_6735
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Information disclosure
EUVDB-ID: #VU42359
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-5454
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
IBM WebSphere Portal 6.0 through 6.0.1.7, 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF25, and 8.0 through 8.0.0.1 CF08 allows remote attackers to read arbitrary files via a modified URL.
MitigationInstall update from vendor's website.
Vulnerable software versionsWebSphere Portal: 6.0.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:6.0.1.0:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg1PM99205
https://www-01.ibm.com/support/docview.wss?uid=swg21655656
https://exchange.xforce.ibmcloud.com/vulnerabilities/88253
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Cross-site scripting
EUVDB-ID: #VU42378
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2013-5378
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionVulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in IBM WebSphere Portal 8.x before 8.0.0.1 CF8. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebSphere Portal: 8.0.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:8.0.0.1:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg1PM95802
https://www-01.ibm.com/support/docview.wss?uid=swg1PM95881
https://www-01.ibm.com/support/docview.wss?uid=swg1PM97593
https://www-01.ibm.com/support/docview.wss?uid=swg21655634
https://exchange.xforce.ibmcloud.com/vulnerabilities/86929
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Cross-site scripting
EUVDB-ID: #VU42379
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2013-5379
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionVulnerability allows a remote attacker to perform Cross-site scripting attacks.
An input validation error exists in IBM WebSphere Portal 7.x before 7.0.0.2 CF25 and 8.x before 8.0.0.1 CF8. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsWebSphere Portal: 7.0.0.0 - 8.0.0.1
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:7.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:7.0.0.2:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg1PM96047
https://www-01.ibm.com/support/docview.wss?uid=swg21655635
https://exchange.xforce.ibmcloud.com/vulnerabilities/86930
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
