Directory traversal in IBM WebSphere Portal



Published: 2017-09-21
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2017-1577
CWE-ID CWE-22
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		WebSphere Portal
Server applications / Application servers

Vendor IBM Corporation

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Path traversal

EUVDB-ID: #VU8566

Risk: Medium

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-1577

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to read arbitrary files on the target system.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can use a specially crafted URL, containing directory traversal sequences (e.g. “../”) to view contents of arbitrary files on the target system.

Mitigation

Install updates from vendor's website:

Product VRMF Fix
IBM WebSphere Portal 9.0 Upgrade to Cumulative Fix 15 (CF15), targeted for 4Q 2017.
OR
Upgrade to either Cumulative Fix 13 (CF13) or Cumulative Fix 14 (CF14). Then apply the Interim Fix PI87495.
(Combined Cumulative Fixes for WebSphere Portal 9.0.0.0)
IBM WebSphere Portal 8.5 Upgrade to Cumulative Fix 15 (CF15), targeted for 4Q 2017.
OR
Upgrade to either Cumulative Fix 13 (CF13) or Cumulative Fix 14 (CF14). Then apply the Interim Fix PI87495.
(Combined Cumulative Fixes for WebSphere Portal 8.5.0.0)
IBM WebSphere Portal 8.0.0.0 through 8.0.0.1 Upgrade to Fix Pack 8.0.0.1 with Cumulative Fix 22 (CF22) and then apply the Interim Fix PI87495.
(Combined Cumulative Fixes for WebSphere Portal 8.0.0.1)
IBM WebSphere Portal 7.0.0.0 through 7.0.0.2 Upgrade to Fix Pack 7.0.0.2 with Cumulative Fix 30 (CF30) and then apply the Interim Fix PI87495.
(Combined Cumulative fixes for WebSphere Portal 7.0.0.2)

Vulnerable software versions

WebSphere Portal: 7.0.0 - 9.0.0.0

External links

http://www-01.ibm.com/support/docview.wss?uid=swg22008586


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###