Input validation flaw in IBM WebSphere Portal
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2016-2925 |
| CWE-ID | CWE-79 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
WebSphere Portal Server applications / Application servers |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Input validation flaw
EUVDB-ID: #VU233
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Green]
CVE-ID: CVE-2016-2925
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to improper validation of user-supplied input. A remote attacker can perform a cross-site scripting attack by using a specially-crafted URL to execute script in a victim's web browser within the security context of the hosting web site.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
For version 8.5.0 upgrade to Cumulative Fix 10 (CF10).
For versions 8.0.0 through 8.0.0.1 upgrade to Fix Pack 8.0.0.1 with Cumulative Fix 21 (CF21).
For vervions 7.0.0 through 7.0.0.2 upgrade to Fix Pack 7.0.0.2 with Cumulative Fix 30 (CF30) and then apply the Interim Fix PI62749.
For versions 6.1.5.0 through 6.1.5.3 upgrade to Fix Pack 6.1.5.3 with Cumulative Fix 27 (CF27) and then apply the Interim Fix PI62749.
For versions 6.1.0.0 through 6.1.0.6 upgrade to Fix Pack 6.1.0.6 with Cumulative Fix 27 (CF27) and then apply the Interim Fix PI62749.
WebSphere Portal: 6.1.0.0 - 8.5.0.0
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:7.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:7.0.0.2:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg21986461
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
