{"vuid":"VU#375127","idnumber":"375127","name":"IBM WebSphere Portal Server input validation vulnerability","keywords":["IBM","websphere portal server","xml trasmission"],"overview":"IBM WebSphere Portal Server does not validate entry path inputted data.","clean_desc":"From the IBM Portal website: \"IBM WebSphere Portal software provides a composite application or business mashup framework and the advanced tooling needed to build flexible, SOA-based solutions, as well as the unmatched scalability required by any size organization.\" IBM WebSphere Portal Server is vulnerable to data leakage caused by missing input validation on inputted entry path transmitted via XML.","impact":"An attacker with valid login credentials could leverage this vulnerability to retrieve system information, such as /etc/passwd.","resolution":"Apply an update According to IBM's website patches have been issued to address this vulnerability.","workarounds":"Restrict access Restrict network access to the IBM WebSphere Portal software and other devices using open protocols like HTTP.","sysaffected":"","thanks":"Thanks to Peter Brauchle from Daimler TSS Technical Security for reporting this vulnerability.","author":"This document was written by Michael Orlando.","public":["http://www.ibm.com/eserver/support/fixes/fixcentral/swgquickorder?apar=PM25698&productid=WebSphere%20Portal&brandid=5","http://www-01.ibm.com/support/docview.wss?uid=swg21460422"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2010-10-29T18:50:59Z","publicdate":"2011-01-20T00:00:00Z","datefirstpublished":"2011-02-23T16:15:20Z","dateupdated":"2011-02-23T16:15:21Z","revision":28,"vrda_d1_directreport":"1","vrda_d1_population":"2","vrda_d1_impact":"2","cam_widelyknown":"1","cam_exploitation":"0","cam_internetinfrastructure":"15","cam_population":"15","cam_impact":"8","cam_easeofexploitation":"10","cam_attackeraccessrequired":"10","cam_scorecurrent":"3.6","cam_scorecurrentwidelyknown":"7.875","cam_scorecurrentwidelyknownexploited":"12.375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":3.6,"vulnote":null}