CVE漏洞中文网 (Chinese CVE vulnerability site)

0DayBank, a public website dedicated to collecting and organizing vulnerabilities from across the global internet
CVE-2017-1194 IBM WebSphere Cross-Site Scripting Vulnerability (swg22001226)

Published: August 2, 2017

Vulnerability category: Local

Vulnerability severity:

Vulnerability Information

IBM WebSphere Application Server is vulnerable to cross-site request forgery, which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

There is a potential cross-site request forgery in WebSphere Application Server OAuth service provider.

Affected Product: WebSphere Application Server.

Affected Versions:
IBM WebSphere Application Server:
Liberty
Version 9.0
Version 8.5.5
Version 8.5
Version 8.0
Version 7.0

QID Detection Logic (Unauthenticated):
This QID matches vulnerable versions in the response it receives by sending an HTTP GET request to the target, or by retrieving the banner information via the GIOP protocol.

QID Detection Logic (Authenticated):
Operating Systems: Windows
The QID checks whether the file %ProgramFiles%\IBM\WebSphere\AppServer\bin\WASService.exe exists on the target.
The QID reads the file %programfiles%\IBM\WebSphere\AppServer\properties\version\WAS.product to obtain the version of IBM WebSphere Application Server.
The QID checks whether Interim Fix PI77770 is applied on the vulnerable versions of IBM WebSphere Application Server -
This QID checks for the file
The following versions and interim fixes are checked (swg22001226):
WebSphere Application Server version 9.0.0.0 through 9.0.0.3
WebSphere Application Server version 8.5.0.0 through 8.5.5.11
WebSphere Application Server version 8.0.0.0 through 8.0.0.13
WebSphere Application Server version 7.0.0.0 through 7.0.0.43
Interim Fix - PI77770
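The authenticated check described above, rewritten as an added example (not Qualys's or IBM's own code): it reads the version from a constructed WAS.product document, tests it against the affected ranges listed on this page, and treats the host as fixed only when PI77770 is among the applied interim fixes. The WAS.product layout and the list of applied fixes passed in are assumptions.

```python
# Added example (not Qualys or IBM code): reproduce the authenticated
# detection logic described above against a constructed WAS.product file.
# The WAS.product layout and the applied-ifix list are assumptions.
import xml.etree.ElementTree as ET

# Affected ranges from the advisory, inclusive, as (low, high) tuples.
AFFECTED_RANGES = [
    ((9, 0, 0, 0), (9, 0, 0, 3)),
    ((8, 5, 0, 0), (8, 5, 5, 11)),
    ((8, 0, 0, 0), (8, 0, 0, 13)),
    ((7, 0, 0, 0), (7, 0, 0, 43)),
]
REQUIRED_IFIX = "PI77770"

# Constructed sample of properties/version/WAS.product (assumed layout).
SAMPLE_WAS_PRODUCT = """<product name="IBM WebSphere Application Server">
  <id>BASE</id>
  <version>8.5.5.11</version>
</product>
"""


def parse_version(text):
    """Return the <version> element as an int tuple padded to four
    components, so a bare '8.5' compares like 8.5.0.0."""
    root = ET.fromstring(text)
    ver = root.findtext("version")
    if ver is None:
        raise ValueError("no <version> element in WAS.product")
    parts = [int(p) for p in ver.strip().split(".")]
    return tuple(parts + [0] * (4 - len(parts)))


def in_affected_range(version):
    """True when the version falls inside any advisory range (inclusive)."""
    return any(low <= version <= high for low, high in AFFECTED_RANGES)


def is_vulnerable(was_product_text, applied_ifixes):
    """Vulnerable when the installed version is in an affected range and
    interim fix PI77770 is not among the applied fixes (case-insensitive)."""
    version = parse_version(was_product_text)
    if not in_affected_range(version):
        return False
    return REQUIRED_IFIX not in {f.upper() for f in applied_ifixes}


if __name__ == "__main__":
    print(is_vulnerable(SAMPLE_WAS_PRODUCT, []))           # True
    print(is_vulnerable(SAMPLE_WAS_PRODUCT, ["PI77770"]))  # False
```

On a real host the applied-fix list would come from the WebSphere version tooling rather than a literal, which is the one part of the check this example leaves to the caller.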

Vulnerability Impact

Successful exploitation of the vulnerability may lead to credential disclosure.

Solution

The vendor has released a fix to resolve the issue; please refer to Recommended fixes for WebSphere Application Server for more information.

Patch:
The following links provide patches that fix the vulnerability:

swg22001226


Tags: none
Last updated: August 4, 2017
