Alienvault OSSIM/USM 5.3.1 Cross Site Scripting

2016.11.02

Credit: Peter Lapp

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2016-8583

CWE: CWE-79

Ogólna skala CVSS: 4.3/10

Znaczenie: 2.9/10

Łatwość wykorzystania: 8.6/10

Wymagany dostęp: Zdalny

Złożoność ataku: Średnia

Autoryzacja: Nie wymagana

Wpływ na poufność: Brak

Wpływ na integralność: Częściowy

Wpływ na dostępność: Brak

Details
=======

Product: Alienvault OSSIM/USM
Vulnerability: Reflected XSS
Author: Peter Lapp, lappsec () gmail com
CVE: CVE-2016-8583
Vulnerable Versions: <=5.3.1
Fixed Version: 5.3.2



Vulnerability Details
=====================

Multiple GET parameters in the vulnerability scan scheduler of
OSSIM/USM before 5.3.2 are vulnerable to reflected XSS. The parameters
include jobname, timeout, sched_id, and targets[] in
/ossim/vulnmeter/sched.php.



POC
===

Example payload is: "><body+onpageshow%3d"alert(0)
For the targets[] param the payload is slightly different.



Timeline
========

08/03/16 - Reported to Vendor
10/03/16 - Fixed in version 5.3.2



References
==========

https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities

Referencje:

https://www.alienvault.com/forums/discussion/7766/security-advisory-alienvault-5-3-2-address-70-vulnerabilities

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Alienvault OSSIM/USM 5.3.1 Cross Site Scripting

Referencje:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.