Vulnerabilities > CVE-2015-7472 - LDAP Injection vulnerability in IBM Webshphere Portal
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF10 allows remote attackers to conduct LDAP injection attacks, and consequently read or write to repository data, via unspecified vectors. CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') - https://cwe.mitre.org/data/definitions/90.html
Vulnerable Configurations
Nessus
NASL family CGI abuses NASL id WEBSPHERE_PORTAL_8_0_0_1_CF19.NASL description The version of IBM WebSphere Portal installed on the remote host is 8.0.0.x prior to 8.0.0.1 CF19 with interim fixes PI51395 and PI53426. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the Portal AccessControl REST API that allows an unauthenticated, remote attacker to bypass access control lists and disclose sensitive configuration information. (CVE-2015-7447) - An unspecified flaw exists when handling a specially crafted request that allows an unauthenticated, remote attacker to inject LDAP content and view, add, modify or delete information in the user repository. (CVE-2015-7472) last seen 2020-06-01 modified 2020-06-02 plugin id 93075 published 2016-08-23 reporter This script is Copyright (C) 2016-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/93075 title IBM WebSphere Portal 8.0.0.x < 8.0.0.1 CF19 PI51395 and PI53426 Multiple Vulnerabilities NASL family CGI abuses NASL id WEBSPHERE_PORTAL_8_5_0_0_CF10.NASL description The version of IBM WebSphere Portal installed on the remote Windows host is 8.5.0.0 prior to 8.5.0.0 CF10. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists that is triggered when handling a specially crafted request. An unauthenticated, remote attacker can exploit this to inject arbitrary LDAP content and view, add, modify or delete information in the user repository. (CVE-2015-7472) - An XXE (XML external entity) injection vulnerability exists due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. An unauthenticated, remote attacker can exploit this, via specially crafted XML data, to cause a denial of service condition or disclose sensitive information. (CVE-2016-0245) - A cross-site scripting (XSS) vulnerability exists due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user last seen 2020-06-01 modified 2020-06-02 plugin id 93027 published 2016-08-18 reporter This script is Copyright (C) 2016-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/93027 title IBM WebSphere Portal 8.5.0.0 < 8.5.0.0 CF10 Multiple Vulnerabilities