Vulnerabilities > CVE-2018-1719 - Unspecified vulnerability in IBM Websphere Application Server

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

ibm

nessus

NVD

Published: 2018-09-14

Updated: 2020-08-24

Summary

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security under certain conditions. This could result in a downgrade of TLS protocol. A remote attacker could exploit this vulnerability to perform man-in-the-middle attacks. IBM X-Force ID: 147292.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Websphere Application Server 8.5.0.0 IBM Websphere Application Server 8.5.0.1 IBM Websphere Application Server 8.5.0.2 IBM Websphere Application Server 8.5.5.0 IBM Websphere Application Server 8.5.5.1 IBM Websphere Application Server 8.5.5.2 IBM Websphere Application Server 8.5.5.3 IBM Websphere Application Server 8.5.5.4 IBM Websphere Application Server 8.5.5.5 IBM Websphere Application Server 8.5.5.6 IBM Websphere Application Server 8.5.5.7 IBM Websphere Application Server 8.5.5.8 IBM Websphere Application Server 8.5.5.9 IBM Websphere Application Server 8.5.5.10 IBM Websphere Application Server 8.5.5.11 IBM Websphere Application Server 8.5.5.12 IBM Websphere Application Server 8.5.5.13 IBM Websphere Application Server 8.5.5.14 IBM Websphere Application Server 9.0.0.0 IBM Websphere Application Server 9.0.0.1 IBM Websphere Application Server 9.0.0.2 IBM Websphere Application Server 9.0.0.3 IBM Websphere Application Server 9.0.0.4 IBM Websphere Application Server 9.0.0.5 IBM Websphere Application Server 9.0.0.6 IBM Websphere Application Server 9.0.0.7 IBM Websphere Application Server 9.0.0.8	47

Nessus

NASL family	Web Servers
NASL id	WEBSPHERE_CVE-2018-1719.NASL
description	The IBM WebSphere Application Server running on the remote host is version 8.5.x prior to 8.5.5.15, or 9.0.0.x prior to 9.0.0.9. It is, therefore, potentially affected by TLS downgrade vulnerability.
last seen	2020-06-01
modified	2020-06-02
plugin id	125595
published	2019-05-30
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/125595
title	IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.9 TLS Downgrade Vulnerability (CVE-2018-1719)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(125595); script_version("1.3"); script_cvs_date("Date: 2020/02/06"); script_cve_id("CVE-2018-1719"); script_bugtraq_id(108496); script_name(english:"IBM WebSphere Application Server 8.5.x < 8.5.5.15 / 9.0.0.x < 9.0.0.9 TLS Downgrade Vulnerability (CVE-2018-1719)"); script_summary(english:"Reads the version number from the SOAP and GIOP services."); script_set_attribute(attribute:"synopsis", value: "The remote web application server is affected by a TLS downgrade vulnerability."); script_set_attribute(attribute:"description", value: "The IBM WebSphere Application Server running on the remote host is version 8.5.x prior to 8.5.5.15, or 9.0.0.x prior to 9.0.0.9. It is, therefore, potentially affected by TLS downgrade vulnerability."); script_set_attribute(attribute:"see_also", value:"https://www-01.ibm.com/support/docview.wss?uid=ibm10718837"); script_set_attribute(attribute:"solution", value: "Upgrade to IBM WebSphere Application Server 8.5.5.15 or 9.0.0.9 or later. Alternatively, upgrade to the minimal fix pack levels required by the interim fix and then apply Interim Fix PI98768."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-1719"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/12"); script_set_attribute(attribute:"patch_publication_date", value:"2018/09/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/30"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_application_server"); script_set_attribute(attribute:"potential_vulnerability", value:"true"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Web Servers"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("websphere_detect.nasl"); script_require_ports("Services/www", 8880, 8881, 9001); script_require_keys("www/WebSphere", "Settings/ParanoidReport"); exit(0); } include("vcf.inc"); include("http.inc"); app = "IBM WebSphere Application Server"; get_install_count(app_name:app, exit_if_zero:TRUE); if (report_paranoia < 2) audit(AUDIT_PARANOID); port = get_http_port(default:8880, embedded:FALSE); app_info = vcf::get_app_info(app:app, port:port, webapp:TRUE); vcf::check_granularity(app_info:app_info, sig_segments:4); fix = "Interim Fix PI98768"; constraints = [ {"min_version":"8.5.0.0", "max_version":"8.5.5.14", "fixed_version":"8.5.5.15 or " + fix}, {"min_version":"9.0.0.0", "max_version":"9.0.0.8", "fixed_version":"9.0.0.9 or " + fix} ]; vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);

Summary

Vulnerable Configurations

Nessus

References