Trend Micro Security

IBM WebSphere Application Server Cross Site Scripting Vulnerability (CVE-2014-4770)

2015年7月21日
  危険度: :
  CVE識別番号: CVE-2014-4770

  概要

Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 6.x through 6.1.0.47, 7.0 before 7.0.0.35, 8.0 before 8.0.0.10, and 8.5 before 8.5.5.4 allows remote authenticated administrators to inject arbitrary web script or HTML via a crafted URL.

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1000552
  Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention

  影響を受けるソフトウェア

  • ibm websphere_application_server 6.0
  • ibm websphere_application_server 6.0.0.1
  • ibm websphere_application_server 6.0.0.2
  • ibm websphere_application_server 6.0.0.3
  • ibm websphere_application_server 6.0.1
  • ibm websphere_application_server 6.0.1.1
  • ibm websphere_application_server 6.0.1.11
  • ibm websphere_application_server 6.0.1.13
  • ibm websphere_application_server 6.0.1.15
  • ibm websphere_application_server 6.0.1.17
  • ibm websphere_application_server 6.0.1.2
  • ibm websphere_application_server 6.0.1.3
  • ibm websphere_application_server 6.0.1.5
  • ibm websphere_application_server 6.0.1.7
  • ibm websphere_application_server 6.0.1.9
  • ibm websphere_application_server 6.0.2
  • ibm websphere_application_server 6.0.2.1
  • ibm websphere_application_server 6.0.2.11
  • ibm websphere_application_server 6.0.2.13
  • ibm websphere_application_server 6.0.2.15
  • ibm websphere_application_server 6.0.2.17
  • ibm websphere_application_server 6.0.2.19
  • ibm websphere_application_server 6.0.2.2
  • ibm websphere_application_server 6.0.2.22
  • ibm websphere_application_server 6.0.2.23
  • ibm websphere_application_server 6.0.2.24
  • ibm websphere_application_server 6.0.2.25
  • ibm websphere_application_server 6.0.2.27
  • ibm websphere_application_server 6.0.2.28
  • ibm websphere_application_server 6.0.2.29
  • ibm websphere_application_server 6.0.2.3
  • ibm websphere_application_server 6.0.2.30
  • ibm websphere_application_server 6.0.2.31
  • ibm websphere_application_server 6.0.2.32
  • ibm websphere_application_server 6.0.2.33
  • ibm websphere_application_server 6.0.2.35
  • ibm websphere_application_server 6.0.2.37
  • ibm websphere_application_server 6.0.2.39
  • ibm websphere_application_server 6.0.2.4
  • ibm websphere_application_server 6.0.2.41
  • ibm websphere_application_server 6.0.2.43
  • ibm websphere_application_server 6.0.2.5
  • ibm websphere_application_server 6.0.2.6
  • ibm websphere_application_server 6.0.2.7
  • ibm websphere_application_server 6.0.2.9
  • ibm websphere_application_server 6.1
  • ibm websphere_application_server 6.1.0
  • ibm websphere_application_server 6.1.0.0
  • ibm websphere_application_server 6.1.0.1
  • ibm websphere_application_server 6.1.0.11
  • ibm websphere_application_server 6.1.0.12
  • ibm websphere_application_server 6.1.0.13
  • ibm websphere_application_server 6.1.0.14
  • ibm websphere_application_server 6.1.0.15
  • ibm websphere_application_server 6.1.0.17
  • ibm websphere_application_server 6.1.0.19
  • ibm websphere_application_server 6.1.0.2
  • ibm websphere_application_server 6.1.0.21
  • ibm websphere_application_server 6.1.0.23
  • ibm websphere_application_server 6.1.0.25
  • ibm websphere_application_server 6.1.0.27
  • ibm websphere_application_server 6.1.0.29
  • ibm websphere_application_server 6.1.0.3
  • ibm websphere_application_server 6.1.0.31
  • ibm websphere_application_server 6.1.0.33
  • ibm websphere_application_server 6.1.0.35
  • ibm websphere_application_server 6.1.0.37
  • ibm websphere_application_server 6.1.0.39
  • ibm websphere_application_server 6.1.0.41
  • ibm websphere_application_server 6.1.0.43
  • ibm websphere_application_server 6.1.0.45
  • ibm websphere_application_server 6.1.0.47
  • ibm websphere_application_server 6.1.0.5
  • ibm websphere_application_server 6.1.0.7
  • ibm websphere_application_server 6.1.0.9
  • ibm websphere_application_server 7.0
  • ibm websphere_application_server 7.0.0.1
  • ibm websphere_application_server 7.0.0.10
  • ibm websphere_application_server 7.0.0.11
  • ibm websphere_application_server 7.0.0.12
  • ibm websphere_application_server 7.0.0.13
  • ibm websphere_application_server 7.0.0.14
  • ibm websphere_application_server 7.0.0.15
  • ibm websphere_application_server 7.0.0.16
  • ibm websphere_application_server 7.0.0.17
  • ibm websphere_application_server 7.0.0.18
  • ibm websphere_application_server 7.0.0.19
  • ibm websphere_application_server 7.0.0.2
  • ibm websphere_application_server 7.0.0.21
  • ibm websphere_application_server 7.0.0.22
  • ibm websphere_application_server 7.0.0.23
  • ibm websphere_application_server 7.0.0.24
  • ibm websphere_application_server 7.0.0.25
  • ibm websphere_application_server 7.0.0.27
  • ibm websphere_application_server 7.0.0.29
  • ibm websphere_application_server 7.0.0.3
  • ibm websphere_application_server 7.0.0.31
  • ibm websphere_application_server 7.0.0.33
  • ibm websphere_application_server 7.0.0.4
  • ibm websphere_application_server 7.0.0.5
  • ibm websphere_application_server 7.0.0.6
  • ibm websphere_application_server 7.0.0.7
  • ibm websphere_application_server 7.0.0.8
  • ibm websphere_application_server 7.0.0.9
  • ibm websphere_application_server 8.0.0.0
  • ibm websphere_application_server 8.0.0.1
  • ibm websphere_application_server 8.0.0.2
  • ibm websphere_application_server 8.0.0.3
  • ibm websphere_application_server 8.0.0.4
  • ibm websphere_application_server 8.0.0.5
  • ibm websphere_application_server 8.0.0.6
  • ibm websphere_application_server 8.0.0.7
  • ibm websphere_application_server 8.0.0.8
  • ibm websphere_application_server 8.0.0.9
  • ibm websphere_application_server 8.5.0.0
  • ibm websphere_application_server 8.5.0.1
  • ibm websphere_application_server 8.5.0.2
  • ibm websphere_application_server 8.5.5.0
  • ibm websphere_application_server 8.5.5.2
  • ibm websphere_application_server 8.5.5.3