IBM WebSphere Lombardi Edition Security Bypass and Cross-Site Scripting Vulnerabilities


Description   A security issue and a vulnerability have been reported in IBM WebSphere Lombardi Edition, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.
1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
2) The application does not properly restrict access to certain services, which can be exploited to gain access to otherwise restricted services by invoking a service using the executeServiceByName URL.
The security issue and vulnerability are reported in versions 7.2.x.
     
Vulnerable Products   Vulnerable Software:
IBM WebSphere Lombardi Edition 7.x
     
Solution   Apply JR50795 and IT06189. Please see the vendor's advisories for details.
     
CVE   CVE-2015-0110
CVE-2015-0106
     
References   IBM (JR50795 and IT06189):
http://www.ibm.com/support/docview.wss?uid=swg21694935
http://www.ibm.com/support/docview.wss?uid=swg21694940
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
XSS - Prevention - GET : suspicious 'iframe' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious 'meta' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious tag with event found in URL
3.2.0
XSS - Prevention - GET : suspicious 'applet' tag found in URL
3.2.0
XSS - Phishing : suspicious 'div' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious 'style' attribute found in URL
3.2.0
XSS - Prevention - GET : suspicious 'img' tag found in URL
3.2.0
XSS - Phishing : suspicious 'a' tag found in URL
3.2.0
XSS - Prevention - GET : cookie access attempt using script language found in URL
3.2.0
XSS - Prevention - GET : suspicious 'embed' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious 'object' tag found in URL
3.2.0
XSS - Phishing : suspicious 'form' tag found in URL
3.2.0
XSS - Prevention - GET : javascript code found in URL
3.2.0
XSS - Prevention - GET : evasion attempt using tag characters encoding in URL
3.2.0
XSS - Prevention - GET : suspicious 'style' tag found in URL
3.2.0
XSS - Phishing : suspicious 'link' tag found in URL
3.2.0
XSS - Prevention - GET : 'script' tag found in URL
3.2.0
XSS - Prevention - GET : 'location' javascript object found in URL
3.2.0
XSS - Prevention - GET : suspicious 'div' tag found in URL
3.2.0
     


 
 
 
 
 Risk level 
Low 

 Vulnerability First Public Report Date 
2015-03-17 

 Target Type 
Server 

 Possible exploit 
Remote