Vulnerabilities > CVE-2014-6153 - Cryptographic Issues vulnerability in IBM Websphere Service Registry and Repository

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ibm

CWE-310

nessus

NVD

Published: 2014-12-24

Updated: 2024-11-21

Summary

The Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x through 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Websphere Service Registry AND Repository 7.5.0.4 IBM Websphere Service Registry AND Repository 7.5.0.1 IBM Websphere Service Registry AND Repository 7.0.0.1 IBM Websphere Service Registry AND Repository 7.5.0.2 IBM Websphere Service Registry AND Repository 8.0 IBM Websphere Service Registry AND Repository 6.3.0.4 IBM Websphere Service Registry AND Repository 6.3.0.1 IBM Websphere Service Registry AND Repository 7.5.0.0 IBM Websphere Service Registry AND Repository 7.0.0.4 IBM Websphere Service Registry AND Repository 7.0.0.3 IBM Websphere Service Registry AND Repository 7.0.0 IBM Websphere Service Registry AND Repository 7.5.0.3 IBM Websphere Service Registry AND Repository 6.3.0.2 IBM Websphere Service Registry AND Repository 8.0.0.1 IBM Websphere Service Registry AND Repository 8.5 IBM Websphere Service Registry AND Repository 6.3.0.5 IBM Websphere Service Registry AND Repository 6.3.0 IBM Websphere Service Registry AND Repository 8.0.0.2 IBM Websphere Service Registry AND Repository 6.3.0.3 IBM Websphere Service Registry AND Repository 7.0.0.5 IBM Websphere Service Registry AND Repository 7.0.0.2	21

Common Weakness Enumeration (CWE)

CWE-310 - Cryptographic Issues

Common Attack Pattern Enumeration and Classification (CAPEC)

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Nessus

NASL family	Windows
NASL id	WEBSPHERE_SERVICE_REGISTRY_AND_REPOSITORY_7504_MULT_VULN.NASL
description	The version of IBM WebSphere Service Registry and Repository (WSRR) is version 7.5 prior to 7.5.0.4. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting (XSS) vulnerability in the WSRR web UI. (CVE-2014-6132) - WSSR web interface issues a cookie that is not declared SSL only. (CVE-2014-6153) - An unspecified path traversal vulnerability in the SERVICEREGISTRY UI. (CVE-2014-6155) - An unspecified information disclosure flaw related to access control checks when a retrieve depth is 0. (CVE-2014-6177) - An unspecified script injection vulnerability in WSSR widgets. (CVE-2014-6178) - An unspecified DOM based cross-site scripting (XSS) vulnerability in the WSRR web UI. (CVE-2014-6179) - An unspecified HTML injection vulnerability related to the User-Agent header in the WSRR web UI. (CVE-2014-6180) - Improper enforcement of object access control restrictions. (CVE-2014-6186) - An unspecified cross-site request forgery (XSRF) vulnerability. (CVE-2014-6187) - Unspecified cross-site scripting (XSS) vulnerabilities. (CVE-2014-6188)
last seen	2020-03-18
modified	2015-01-20
plugin id	80857
published	2015-01-20
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/80857
title	IBM WebSphere Service Registry and Repository 7.5 < 7.5.0.4 Multiple Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(80857); script_version("1.9"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/05"); script_cve_id( "CVE-2014-6132", "CVE-2014-6153", "CVE-2014-6155", "CVE-2014-6177", "CVE-2014-6178", "CVE-2014-6179", "CVE-2014-6180", "CVE-2014-6186", "CVE-2014-6187", "CVE-2014-6188" ); script_bugtraq_id( 71897, 71899, 71900, 71901, 71902, 71903, 71905, 71906, 71907, 71908 ); script_name(english:"IBM WebSphere Service Registry and Repository 7.5 < 7.5.0.4 Multiple Vulnerabilities"); script_summary(english:"Checks the version of WebSphere Service Registry and Repository."); script_set_attribute(attribute:"synopsis", value: "The remote host has a web application installed that is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of IBM WebSphere Service Registry and Repository (WSRR) is version 7.5 prior to 7.5.0.4. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting (XSS) vulnerability in the WSRR web UI. (CVE-2014-6132) - WSSR web interface issues a cookie that is not declared SSL only. (CVE-2014-6153) - An unspecified path traversal vulnerability in the SERVICEREGISTRY UI. (CVE-2014-6155) - An unspecified information disclosure flaw related to access control checks when a retrieve depth is 0. (CVE-2014-6177) - An unspecified script injection vulnerability in WSSR widgets. (CVE-2014-6178) - An unspecified DOM based cross-site scripting (XSS) vulnerability in the WSRR web UI. (CVE-2014-6179) - An unspecified HTML injection vulnerability related to the User-Agent header in the WSRR web UI. (CVE-2014-6180) - Improper enforcement of object access control restrictions. (CVE-2014-6186) - An unspecified cross-site request forgery (XSRF) vulnerability. (CVE-2014-6187) - Unspecified cross-site scripting (XSS) vulnerabilities. (CVE-2014-6188)"); script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21693384"); script_set_attribute(attribute:"solution", value: "Upgrade to IBM WebSphere Service Registry and Repository Fix Pack 7.5.0.4 and contact the vendor for solutions to CVE-2014-6132, CVE-2014-6153, and CVE-2014-6155."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-6187"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990); script_set_attribute(attribute:"vuln_publication_date", value:"2014/12/19"); script_set_attribute(attribute:"patch_publication_date", value:"2014/12/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/20"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_service_registry_and_repository"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("websphere_service_registry_repository_installed.nasl"); script_require_keys("installed_sw/IBM WebSphere Service Registry and Repository"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("install_func.inc"); app = 'IBM WebSphere Service Registry and Repository'; fix = '7.5.0.4'; install = get_single_install(app_name:app, exit_if_unknown_ver:TRUE); path = install['path']; version = install['version']; if (version =~ '^7\\.5\\.' && ver_compare(ver:version, fix:fix) < 0) { set_kb_item(name:"www/0/XSS", value:TRUE); set_kb_item(name:"www/0/XSRF", value:TRUE); port = get_kb_item('SMB/transport'); if (!port) port = 445; if (report_verbosity > 0) { report = '\n Path : ' + path + '\n Installed version : ' + version + '\n Fixed version : ' + fix + '\n'; security_warning(port:port, extra:report); } else security_warning(port); exit(0); } audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);

NASL family	Windows
NASL id	WEBSPHERE_SERVICE_REGISTRY_AND_REPOSITORY_7005.NASL
description	The version of IBM WebSphere Service Registry and Repository (WSRR) is version 7.0 prior to 7.0.0.5. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting (XSS) vulnerability in the WSRR web UI. (CVE-2014-6132) - WSSR web interface issues a cookie that is not declared SSL only. (CVE-2014-6153) - An unspecified information disclosure flaw related to access control checks when a retrieve depth is 0. (CVE-2014-6177) - An unspecified HTML injection vulnerability related to the User-Agent header in the WSRR web UI. (CVE-2014-6180) - An unspecified information disclosure flaw related to the lack of access controls to contained objects. (CVE-2014-6181) - Improper enforcement of object access control restrictions. (CVE-2014-6186) - An unspecified cross-site request forgery (XSRF) vulnerability. (CVE-2014-6187) - Unspecified cross-site scripting (XSS) vulnerabilities. (CVE-2014-6188)
last seen	2020-03-18
modified	2015-01-20
plugin id	80856
published	2015-01-20
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/80856
title	IBM WebSphere Service Registry and Repository 7.0 < 7.0.0.5 Multiple Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(80856); script_version("1.9"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/05"); script_cve_id( "CVE-2014-6132", "CVE-2014-6153", "CVE-2014-6177", "CVE-2014-6180", "CVE-2014-6181", "CVE-2014-6186", "CVE-2014-6187", "CVE-2014-6188" ); script_bugtraq_id( 71899, 71900, 71901, 71902, 71903, 71904, 71905, 71906 ); script_name(english:"IBM WebSphere Service Registry and Repository 7.0 < 7.0.0.5 Multiple Vulnerabilities"); script_summary(english:"Checks the version of WebSphere Service Registry and Repository."); script_set_attribute(attribute:"synopsis", value: "The remote host has a web application installed that is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The version of IBM WebSphere Service Registry and Repository (WSRR) is version 7.0 prior to 7.0.0.5. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting (XSS) vulnerability in the WSRR web UI. (CVE-2014-6132) - WSSR web interface issues a cookie that is not declared SSL only. (CVE-2014-6153) - An unspecified information disclosure flaw related to access control checks when a retrieve depth is 0. (CVE-2014-6177) - An unspecified HTML injection vulnerability related to the User-Agent header in the WSRR web UI. (CVE-2014-6180) - An unspecified information disclosure flaw related to the lack of access controls to contained objects. (CVE-2014-6181) - Improper enforcement of object access control restrictions. (CVE-2014-6186) - An unspecified cross-site request forgery (XSRF) vulnerability. (CVE-2014-6187) - Unspecified cross-site scripting (XSS) vulnerabilities. (CVE-2014-6188)"); script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21693381"); script_set_attribute(attribute:"solution", value: "Upgrade to IBM WebSphere Service Registry and Repository Fix Pack 7.0.0.5 and contact the vendor for solutions to CVE-2014-6132, CVE-2014-6153, CVE-2014-6186, and CVE-2014-6188."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-6187"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990); script_set_attribute(attribute:"vuln_publication_date", value:"2014/12/19"); script_set_attribute(attribute:"patch_publication_date", value:"2014/12/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/20"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_service_registry_and_repository"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("websphere_service_registry_repository_installed.nasl"); script_require_keys("installed_sw/IBM WebSphere Service Registry and Repository"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("install_func.inc"); app = 'IBM WebSphere Service Registry and Repository'; fix = '7.0.0.5'; install = get_single_install(app_name:app, exit_if_unknown_ver:TRUE); path = install['path']; version = install['version']; if (version =~ '^7\\.0\\.' && ver_compare(ver:version, fix:fix) < 0) { set_kb_item(name:"www/0/XSS", value:TRUE); set_kb_item(name:"www/0/XSRF", value:TRUE); port = get_kb_item('SMB/transport'); if (!port) port = 445; if (report_verbosity > 0) { report = '\n Path : ' + path + '\n Installed version : ' + version + '\n Fixed version : ' + fix + '\n'; security_warning(port:port, extra:report); } else security_warning(port); exit(0); } audit(AUDIT_INST_PATH_NOT_VULN, app, version, path);

NASL family	Windows
NASL id	WEBSPHERE_SERVICE_REGISTRY_AND_REPOSITORY_8003.NASL
description	The version of IBM WebSphere Service Registry and Repository (WSRR) is version 8.0 prior to 8.0.0.3. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting (XSS) vulnerability in the WSRR web UI. (CVE-2014-6132) - WSSR web interface issues a cookie that is not declared SSL only. (CVE-2014-6153) - An unspecified path traversal vulnerability in the SERVICEREGISTRY UI. (CVE-2014-6155) - An unspecified script injection vulnerability in WSSR widgets. (CVE-2014-6178) - An unspecified DOM based cross-site scripting (XSS) vulnerability in the WSRR web UI. (CVE-2014-6179) - Improper enforcement of object access control restrictions. (CVE-2014-6186) - An unspecified cross-site request forgery (XSRF) vulnerability. (CVE-2014-6187) - Unspecified cross-site scripting (XSS) vulnerabilities. (CVE-2014-6188)
last seen	2020-03-18
modified	2015-01-20
plugin id	80858
published	2015-01-20
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/80858
title	IBM WebSphere Service Registry and Repository 8.0 < 8.0.0.3 Multiple Vulnerabilities

NASL family	Windows
NASL id	WEBSPHERE_SERVICE_REGISTRY_AND_REPOSITORY_6305.NASL
description	The version of IBM WebSphere Service Registry and Repository (WSRR) is version 6.3 prior to 6.3.0.5. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting (XSS) vulnerability in the WSRR web UI. (CVE-2014-6132) - WSSR web interface issues a cookie that is not declared SSL only. (CVE-2014-6153) - Improper enforcement of object access control restrictions. (CVE-2014-6186) - An unspecified cross-site request forgery (XSRF) vulnerability. (CVE-2014-6187) - Unspecified cross-site scripting (XSS) vulnerabilities. (CVE-2014-6188)
last seen	2020-03-18
modified	2015-01-20
plugin id	80855
published	2015-01-20
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/80855
title	IBM WebSphere Service Registry and Repository 6.3 < 6.3.0.5 Multiple Vulnerabilities

NASL family	Windows
NASL id	WEBSPHERE_SERVICE_REGISTRY_AND_REPOSITORY_8501.NASL
description	The version of IBM WebSphere Service Registry and Repository (WSRR) is version 8.5 prior to 8.5.0.1. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting (XSS) vulnerability in the WSRR web UI. (CVE-2014-6132) - WSSR web interface issues a cookie that is not declared SSL only. (CVE-2014-6153) - An unspecified path traversal vulnerability in the SERVICEREGISTRY UI. (CVE-2014-6155) - A session persistence flaw in which users remain logged into SERVICEREGISTRYDASHBOARD when using WebSEAL or Chrome. (CVE-2014-6160)
last seen	2020-03-18
modified	2015-01-20
plugin id	80859
published	2015-01-20
reporter	This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/80859
title	IBM WebSphere Service Registry and Repository 8.5 < 8.5.0.1 Multiple Vulnerabilities

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Nessus

References