ID CVE-2016-0245
Summary The XML parser in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF10 allows remote authenticated users to read arbitrary files or cause a denial of service via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
References
Vulnerable Configurations
  • IBM Websphere Portal 8.5.0.0
    cpe:2.3:a:ibm:websphere_portal:8.5.0.0
  • IBM Websphere Portal 8.0.0.1
    cpe:2.3:a:ibm:websphere_portal:8.0.0.1
  • IBM Websphere Portal 8.0.0.0
    cpe:2.3:a:ibm:websphere_portal:8.0.0.0
CVSS
Base: 5.5 (as of 14-09-2016 - 10:55)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE PARTIAL
nessus via4
  • NASL family CGI abuses
    NASL id WEBSPHERE_PORTAL_SWG21976358.NASL
    description The IBM WebSphere Portal installed on the remote host is version 6.1.0.x prior to 6.1.0.6 CF27 with patches, 6.1.5.x prior to 6.1.5.3 CF27 with patches, 7.0.0.x prior to 7.0.0.2 CF29 with patches, 8.0.0.x prior to 8.0.0.1 CF20, or 8.5.0.0 prior to 8.5.0.0 CF09 with patches. It is, therefore, affected by multiple vulnerabilities : - An open redirect vulnerability exists due to improper validation of input before returning it to the user. An attacker can exploit this, via a specially crafted link, to redirect a victim to an arbitrary website. (CVE-2015-7428) - A security bypass vulnerability exists due to insecure permissions. A remote attacker can exploit this to make changes to content items. (CVE-2015-7455) - Multiple unspecified cross-site scripting vulnerabilities exist due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2015-7457, CVE-2015-7491, CVE-2016-0243, CVE-2016-0244) - An XML External Entity (XXE) injection vulnerability exists due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. A remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition or to disclose sensitive information. (CVE-2016-0245)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 89689
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89689
    title IBM WebSphere Portal Multiple Vulnerabilities (swg21976358)
  • NASL family CGI abuses
    NASL id WEBSPHERE_PORTAL_8_5_0_0_CF10.NASL
    description The version of IBM WebSphere Portal installed on the remote Windows host is 8.5.0.0 prior to 8.5.0.0 CF10. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists that is triggered when handling a specially crafted request. An unauthenticated, remote attacker can exploit this to inject arbitrary LDAP content and view, add, modify or delete information in the user repository. (CVE-2015-7472) - An XXE (XML external entity) injection vulnerability exists due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. An unauthenticated, remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition or disclose sensitive information. (CVE-2016-0245) - A cross-site scripting (XSS) vulnerability exists due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2016-2925)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 93027
    published 2016-08-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93027
    title IBM WebSphere Portal 8.5.0.0 < 8.5.0.0 CF10 Multiple Vulnerabilities
  • NASL family CGI abuses
    NASL id WEBSPHERE_PORTAL_8_0_0_1_CF20.NASL
    description The version of IBM WebSphere Portal installed on the remote host is 8.0.0.x prior to 8.0.0.1 CF20. It is, therefore, affected by multiple vulnerabilities : - An open redirect vulnerability exists due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted link, to redirect a user from the intended legitimate web site to an arbitrary web site of the attacker's choosing. (CVE-2015-7428) - An XML external entity (XXE) injection vulnerability exists due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. An authenticated, remote attacker can exploit this, via specially crafted XML data, to cause a denial of service or disclose sensitive information. (CVE-2016-0245)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 93076
    published 2016-08-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93076
    title IBM WebSphere Portal 8.0.0.x < 8.0.0.1 CF20 Multiple Vulnerabilities
refmap via4
aixapar PI56682
confirm http://www.ibm.com/support/docview.wss?uid=swg21975358
Last major update 19-02-2017 - 01:15
Published 29-02-2016 - 06:59
Back to Top