ID CVE-2015-7472
Summary IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF10 allows remote attackers to conduct LDAP injection attacks, and consequently read or write to repository data, via unspecified vectors.
References
Vulnerable Configurations
  • IBM Websphere Portal 8.5.0.0
    cpe:2.3:a:ibm:websphere_portal:8.5.0.0
  • IBM Websphere Portal 8.0.0.1
    cpe:2.3:a:ibm:websphere_portal:8.0.0.1
  • IBM Websphere Portal 8.0.0.0
    cpe:2.3:a:ibm:websphere_portal:8.0.0.0
  • IBM Websphere Portal 7.0.0.2
    cpe:2.3:a:ibm:websphere_portal:7.0.0.2
  • IBM Websphere Portal 7.0.0.1
    cpe:2.3:a:ibm:websphere_portal:7.0.0.1
  • IBM Websphere Portal 7.0.0.0
    cpe:2.3:a:ibm:websphere_portal:7.0.0.0
  • IBM Websphere Portal 6.1.5.3
    cpe:2.3:a:ibm:websphere_portal:6.1.5.3
  • IBM Websphere Portal 6.1.5.2
    cpe:2.3:a:ibm:websphere_portal:6.1.5.2
  • IBM Websphere Portal 6.1.5.1
    cpe:2.3:a:ibm:websphere_portal:6.1.5.1
  • IBM Websphere Portal 6.1.5.0
    cpe:2.3:a:ibm:websphere_portal:6.1.5.0
  • IBM Websphere Portal 6.1.0.6
    cpe:2.3:a:ibm:websphere_portal:6.1.0.6
  • IBM Websphere Portal 6.1.0.5
    cpe:2.3:a:ibm:websphere_portal:6.1.0.5
  • IBM Websphere Portal 6.1.0.4
    cpe:2.3:a:ibm:websphere_portal:6.1.0.4
  • IBM Websphere Portal 6.1.0.3
    cpe:2.3:a:ibm:websphere_portal:6.1.0.3
  • IBM Websphere Portal 6.1.0.2
    cpe:2.3:a:ibm:websphere_portal:6.1.0.2
  • IBM Websphere Portal 6.1.0.1
    cpe:2.3:a:ibm:websphere_portal:6.1.0.1
  • IBM Websphere Portal 6.1.0.0
    cpe:2.3:a:ibm:websphere_portal:6.1.0.0
CVSS
Base: 6.4 (as of 10-03-2016 - 12:48)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
nessus via4
  • NASL family CGI abuses
    NASL id WEBSPHERE_PORTAL_8_5_0_0_CF10.NASL
    description The version of IBM WebSphere Portal installed on the remote Windows host is 8.5.0.0 prior to 8.5.0.0 CF10. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists that is triggered when handling a specially crafted request. An unauthenticated, remote attacker can exploit this to inject arbitrary LDAP content and view, add, modify or delete information in the user repository. (CVE-2015-7472) - An XXE (XML external entity) injection vulnerability exists due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. An unauthenticated, remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition or disclose sensitive information. (CVE-2016-0245) - A cross-site scripting (XSS) vulnerability exists due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2016-2925)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 93027
    published 2016-08-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93027
    title IBM WebSphere Portal 8.5.0.0 < 8.5.0.0 CF10 Multiple Vulnerabilities
  • NASL family CGI abuses
    NASL id WEBSPHERE_PORTAL_8_0_0_1_CF19.NASL
    description The version of IBM WebSphere Portal installed on the remote host is 8.0.0.x prior to 8.0.0.1 CF19 with interim fixes PI51395 and PI53426. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the Portal AccessControl REST API that allows an unauthenticated, remote attacker to bypass access control lists and disclose sensitive configuration information. (CVE-2015-7447) - An unspecified flaw exists when handling a specially crafted request that allows an unauthenticated, remote attacker to inject LDAP content and view, add, modify or delete information in the user repository. (CVE-2015-7472)
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 93075
    published 2016-08-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93075
    title IBM WebSphere Portal 8.0.0.x < 8.0.0.1 CF19 PI51395 and PI53426 Multiple Vulnerabilities
refmap via4
aixapar PI53426
confirm http://www-01.ibm.com/support/docview.wss?uid=swg21972736
sectrack 1035324
Last major update 02-12-2016 - 22:12
Published 14-02-2016 - 21:59
Back to Top