Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 Tenable Network Security, Inc.WEBSPHERE_PORTAL_CVE-2014-5191.NASL
HistoryOct 30, 2014 - 12:00 a.m.

IBM WebSphere Portal CKEditor XSS (PI24992, PI26456)

2014-10-3000:00:00
This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.
www.tenable.com
13

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

56.9%

JSON

The version of IBM WebSphere Portal installed on the remote host is affected by a cross-site scripting vulnerability in the CKEditor component due to improper validation of user-supplied input. A remote attacker can exploit this flaw using a specially crafted URL to execute scripts in a user’s web browser within the security context of the hosting website. This allows an attacker to steal a user’s cookie-based authentication credentials.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(78746);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2014-5191");
  script_bugtraq_id(69161);

  script_name(english:"IBM WebSphere Portal CKEditor XSS (PI24992, PI26456)");
  script_summary(english:"Checks for installed patches.");

  script_set_attribute(attribute:"synopsis", value:
"The remote Windows host has web portal software installed that is
affected by a cross-site scripting vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of IBM WebSphere Portal installed on the remote host is
affected by a cross-site scripting vulnerability in the CKEditor
component due to improper validation of user-supplied input. A remote
attacker can exploit this flaw using a specially crafted URL to
execute scripts in a user's web browser within the security context of
the hosting website. This allows an attacker to steal a user's
cookie-based authentication credentials.");
  script_set_attribute(attribute:"see_also", value:"https://www-304.ibm.com/support/docview.wss?uid=swg21684650");
  script_set_attribute(attribute:"solution", value:
"IBM has published Interim Fixes PI24992 and PI26456. Refer to IBM's
advisory for more information.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/10/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/10/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_portal");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ckeditor:ckeditor");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.");

  script_dependencies("websphere_portal_installed.nbin");
  script_require_keys("installed_sw/IBM WebSphere Portal");

  exit(0);
}

include("websphere_portal_version.inc");

websphere_portal_check_version(
  ranges:make_list("8.0.0.0, 8.0.0.1, CF14"),
  fix:"PI24992, PI26456",
  severity:SECURITY_WARNING,
  xss:TRUE
);
VendorProductVersionCPE
ibmwebsphere_portalcpe:/a:ibm:websphere_portal
ckeditorckeditorcpe:/a:ckeditor:ckeditor

Related

veracode 1
debiancve 1
ubuntucve 1
nessus 3
ibm 2
cvelist 1
prion 1
nvd 1
cve 1
veracode
veracode
Cross-Site Scripting (XSS)
2015-02-11 16:10:59
debiancve
debiancve
CVE-2014-5191
2014-08-07 11:13:37
ubuntucve
ubuntucve
CVE-2014-5191
2014-08-07 00:00:00
nessus
nessus
CKEditor Preview Plugin Unspecified XSS
2014-07-31 00:00:00
IBM WebSphere Portal 8.0.0.x < 8.0.0.1 CF15 Multiple Vulnerabilities
2015-04-17 00:00:00
IBM WebSphere Portal 8.5.0 < 8.5.0 CF03 Multiple Vulnerabilities
2014-10-30 00:00:00
ibm
ibm
Security Bulletin: IBM OpenPages GRC Platform is affected by CKEditor (Preview Plugin) vulnerability (CVE-2014-5191)
2019-02-04 14:50:01
Security Bulletin: IBM CΓΊram is susceptible to a Open Source CKEditor vulnerability (CVE-2014-5191).
2018-07-17 09:52:58
cvelist
cvelist
CVE-2014-5191
2014-08-07 10:00:00
prion
prion
Cross site scripting
2014-08-07 11:13:00
nvd
nvd
CVE-2014-5191
2014-08-07 11:13:37
cve
cve
CVE-2014-5191
2014-08-07 11:13:37

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

56.9%

JSON
Related for WEBSPHERE_PORTAL_CVE-2014-5191.NASL
veracode1debiancve1ubuntucve1nessus3ibm2cvelist1prion1nvd1cve1