QID 375780

Date Published: 2021-08-12

QID 375780: IBM WebSphere Application Server Privilege Escalation Vulnerability (6476678)

IBM WebSphere Application Server is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.

Affected Versions:
WebSphere Application Server V9.0.0.0 through 9.0.5.8
WebSphere Application Server V8.5.0.0 through 8.5.5.20
WebSphere Application Server V8.0.0.0 through 8.0.0.15
WebSphere Application Server V7.0.0.0 through 7.0.0.45

QID Detection Logic (Authenticated):
This QID checks for the vulnerable version of IBM WebSphere Application Server and checks if the patches are installed or not.

QID Detection Logic (Unauthenticated):
This QID matches vulnerable versions via the GIOP banner.

A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.

  • CVSS V3 rated as Critical - 8.8 severity.
  • CVSS V2 rated as High - 6.5 severity.
  • Solution
    The vendor has released patches. Please visit IBM WebSphere Application Server(6476678) for more information.
    Vendor References

    CVEs related to QID 375780

    Software Advisories
    Advisory ID Software Component Link
    IBM Websphere(6476678) URL Logo www.ibm.com/support/pages/node/6476678