漏洞类别:Local
漏洞等级: 
漏洞信息
IBM WebSphere Portal is a solution for delivering web content and applications in an integrated, differentiated and personalized web experience.
IBM has addressed multiple unspecified vulnerabilities related to IBM SDK Java that affects WebSphere Portal.
Affected Versions:
IBM WebSphere Portal 9.0
IBM WebSphere Portal 8.5
IBM WebSphere Portal 8.0
IBM WebSphere Portal 7.0
IBM WebSphere Portal 6.1
QID Detection Logic (Authenticated):
Operating Systems: Windows
The QID checks if the file %ProgramFiles%\IBM\WebSphere\PortalServer\wps.properties or C:\IBM\WebSphere\PortalServer\wps.properties exists on the target or not.
The QID then checks if the IBM Java SDK patch for IBM Websphere Application Server mentioned in advisoryswg22010560 has been applied or not.
漏洞危害
Successful exploitation of the vulnerabilities will lead allow an unauthenticated attacker to take control of the system.
解决方案
The vendor has released a fix to resolve the issue, please refer to Recommended fixes for WebSphere Application Server for more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论