The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of ITDS

computer weakness note CVE-2017-1503

WebSphere AS: read-write access via Edge Caching Proxy

Synthesis of the vulnerability

An attacker can bypass access restrictions via Edge Caching Proxy of WebSphere AS, in order to read or alter data.
Severity: 2/4.
Creation date: 09/10/2017.
Identifiers: 2006815, 2009501, 2010467, 2010701, CVE-2017-1503, VIGILANCE-VUL-24060.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions via Edge Caching Proxy of WebSphere AS, in order to read or alter data.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2017-1382

WebSphere AS: read-write access

Synthesis of the vulnerability

An attacker can bypass access restrictions of WebSphere AS, in order to read or alter data.
Severity: 2/4.
Creation date: 21/07/2017.
Identifiers: 2004785, 2006348, 2006516, 2009026, 2009072, 2009082, 2009087, 2009089, 2009090, 7036319, 7048591, CVE-2017-1382, VIGILANCE-VUL-23310.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions of WebSphere AS, in order to read or alter data.
Full Vigil@nce bulletin... (Free trial)

cybersecurity weakness CVE-2017-1381

WebSphere AS: information disclosure via Proxy Server / ODR

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Proxy Server / ODR of WebSphere Application Server, in order to obtain sensitive information.
Severity: 2/4.
Creation date: 19/07/2017.
Identifiers: 2004792, 2006343, 2006905, 2009023, 2009072, 2009082, 2009087, 2009089, 2009090, 2009348, 7048591, CVE-2017-1381, VIGILANCE-VUL-23275.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions to data via Proxy Server / ODR of WebSphere Application Server, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer threat note CVE-2017-1137

WebSphere AS: privilege escalation via Administrative Console

Synthesis of the vulnerability

An attacker can bypass restrictions via Administrative Console of WebSphere AS, in order to escalate his privileges.
Severity: 2/4.
Creation date: 04/05/2017.
Identifiers: 1998469, 2008899, 7036319, CVE-2017-1137, VIGILANCE-VUL-22644.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via Administrative Console of WebSphere AS, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

threat alert CVE-2016-8934

WebSphere AS: Cross Site Scripting via Admin Console

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via Admin Console of WebSphere AS, in order to run JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 07/12/2016.
Identifiers: 1992315, 1996037, 1996038, 1996145, 1996238, 7014463, 7036319, CVE-2016-8934, VIGILANCE-VUL-21297.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The WebSphere AS product offers a web service.

However, it does not filter received data via Admin Console before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via Admin Console of WebSphere AS, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer weakness alert CVE-2016-5983

IBM WebSphere Application Server: code execution via serialized objects

Synthesis of the vulnerability

An attacker can use a vulnerability via serial of IBM WebSphere Application Server, in order to run code.
Severity: 3/4.
Creation date: 23/09/2016.
Identifiers: 1990060, 1991866, 1991867, 1991870, 1991871, 1991875, 1991876, 1991878, 1991880, 1991882, 1991884, 1991885, 1991886, 1991887, 1991889, 1991892, 1991894, 1991896, 1991898, 1991902, 1991903, 1991951, 1991955, 1991959, 1991960, 1991961, 1995390, 1999671, 2000095, 2000544, 2002049, 2002050, 7014463, 7048591, CVE-2016-5983, VIGILANCE-VUL-20686.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The IBM WebSphere Application Server runs on a Java virtual machine.

It can load serialized objects from external sources. However, it likely does not restrict which classes are loaded when an object is unserialized.

An attacker can therefore send serialized objects to IBM WebSphere Application Server, in order to run code.
Full Vigil@nce bulletin... (Free trial)

security threat CVE-2016-5986

WebSphere AS: information disclosure via Server Identification

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Server Identification of WebSphere AS, in order to obtain sensitive information.
Severity: 2/4.
Creation date: 16/09/2016.
Identifiers: 1990056, 1990724, 1991900, 1991987, 1995793, 2002049, 2002050, 7014463, CVE-2016-5986, VIGILANCE-VUL-20625.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass access restrictions to data via Server Identification of WebSphere AS, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

threat announce CVE-2016-2183 CVE-2016-6329

Blowfish, Triple-DES: algorithms too weak, SWEET32

Synthesis of the vulnerability

An attacker can create a TLS/VPN session with a Blowfish/Triple-DES algorithm, and perform a two days attack, in order to decrypt data.
Severity: 1/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 25/08/2016.
Identifiers: 1610582, 1991866, 1991867, 1991870, 1991871, 1991875, 1991876, 1991878, 1991880, 1991882, 1991884, 1991885, 1991886, 1991887, 1991889, 1991892, 1991894, 1991896, 1991902, 1991903, 1991951, 1991955, 1991959, 1991960, 1991961, 1992681, 1993777, 1994375, 1995099, 1995922, 1998797, 1999054, 1999421, 2000209, 2000212, 2000370, 2000544, 2001608, 2002021, 2002335, 2002336, 2002479, 2002537, 2002870, 2002897, 2002991, 2003145, 2003480, 2003620, 2003673, 2004036, 2008828, 523628, 9010102, bulletinapr2017, c05349499, c05369403, c05369415, c05390849, CERTFR-2017-AVI-012, CERTFR-2019-AVI-049, CERTFR-2019-AVI-311, cisco-sa-20160927-openssl, cpuapr2017, cpujan2018, cpujul2017, cpujul2019, cpuoct2017, CVE-2016-2183, CVE-2016-6329, DSA-2018-124, DSA-2019-131, DSA-3673-1, DSA-3673-2, FEDORA-2016-7810e24465, FEDORA-2016-dc2cb4ad6b, FG-IR-16-047, FG-IR-16-048, FG-IR-17-127, FG-IR-17-173, HPESBGN03697, HPESBGN03765, HPESBUX03725, HPSBGN03690, HPSBGN03694, HPSBHF03674, ibm10718843, java_jan2017_advisory, JSA10770, KM03060544, NTAP-20160915-0001, openSUSE-SU-2016:2199-1, openSUSE-SU-2016:2391-1, openSUSE-SU-2016:2407-1, openSUSE-SU-2016:2496-1, openSUSE-SU-2016:2537-1, openSUSE-SU-2017:1638-1, openSUSE-SU-2018:0458-1, RHSA-2017:0336-01, RHSA-2017:0337-01, RHSA-2017:0338-01, RHSA-2017:3113-01, RHSA-2017:3114-01, RHSA-2017:3239-01, RHSA-2017:3240-01, RHSA-2018:2123-01, SA133, SA40312, SB10171, SB10186, SB10197, SB10215, SOL13167034, SP-CAAAPUE, SPL-129207, SSA:2016-266-01, SSA:2016-363-01, SSA-556833, SUSE-SU-2016:2387-1, SUSE-SU-2016:2394-1, SUSE-SU-2016:2458-1, SUSE-SU-2016:2468-1, SUSE-SU-2016:2469-1, SUSE-SU-2016:2470-1, SUSE-SU-2016:2470-2, SUSE-SU-2017:1444-1, SUSE-SU-2017:2838-1, SUSE-SU-2017:3177-1, SWEET32, TNS-2016-16, USN-3087-1, USN-3087-2, USN-3270-1, USN-3339-1, USN-3339-2, USN-3372-1, VIGILANCE-VUL-20473.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Blowfish and Triple-DES symetric encryption algorithms use 64 bit blocks.

However, if they are used in CBC mode, a collision occurs after 785 GB transferred, and it is then possible to decrypt blocks with an attack lasting two days.

An attacker can therefore create a TLS/VPN session with a Blowfish/Triple-DES algorithm, and perform a two days attack, in order to decrypt data.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2015-1977

IBM Tivoli/Security Directory Server: directory traversal

Synthesis of the vulnerability

An attacker can traverse directories of IBM Tivoli/Security Directory Server, in order to read a file outside the service root path.
Severity: 2/4.
Creation date: 12/07/2016.
Identifiers: 1986452, CVE-2015-1977, VIGILANCE-VUL-20068.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The IBM Tivoli/Security Directory Server product offers a web service.

However, user's data are directly inserted in an access path. Sequences such as "/.." can thus be used to go in the upper directory.

An attacker can therefore traverse directories of IBM Tivoli/Security Directory Server, in order to read a file outside the service root path.
Full Vigil@nce bulletin... (Free trial)

security announce CVE-2015-5174

Apache Tomcat: directory traversal of ServletContext

Synthesis of the vulnerability

An attacker, who is allowed to upload a malicious web application on the service, can traverse directories in ServletContext of Apache Tomcat, in order to read the content of a directory outside the service root path.
Severity: 2/4.
Creation date: 22/02/2016.
Identifiers: 1980693, 1981632, 1983989, bulletinjan2016, c05054964, c05150442, cpujul2018, CVE-2015-5174, DSA-3530-1, DSA-3552-1, DSA-3609-1, HPSBUX03561, HPSBUX03606, JSA10838, K30971148, NTAP-20180531-0001, openSUSE-SU-2016:0865-1, RHSA-2016:1432-01, RHSA-2016:1433-01, RHSA-2016:1434-01, RHSA-2016:1435-01, RHSA-2016:2045-01, RHSA-2016:2599-02, SOL30971148, SUSE-SU-2016:0769-1, SUSE-SU-2016:0822-1, SUSE-SU-2016:0839-1, USN-3024-1, VIGILANCE-VUL-18993.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Apache Tomcat product can execute a web application from an untrusted source with a Security Manager.

However, the getResource(), getResourceAsStream() and getResourcePaths() methods of ServletContext insert user's data directly in an access path. Sequences such as "/.." can thus be used by the web application to go in the upper directory.

An attacker, who is allowed to upload a malicious web application on the service, can therefore traverse directories in ServletContext of Apache Tomcat, in order to read the content of a directory outside the service root path.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.