|
Description
|
|
Positive Technologies has reported a security issue and multiple vulnerabilities in Arbor Peakflow X, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.
1) Input passed via multiple GET parameters to multiple URLs is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
List of affected URLs and parameters:
<a href="http://[host]/explore/entityinfo/?mode_state
" target="_blank">http://[host]/explore/entityinfo/?mode_state
</a>
<a href="http://[host]/explore/risk/?source_type
" target="_blank">http://[host]/explore/risk/?source_type
</a>
<a href="http://[host]/policy/network/?tab
" target="_blank">http://[host]/policy/network/?tab
</a>
<a href="http://[host]/settings/audit/?tab
" target="_blank">http://[host]/settings/audit/?tab
</a>
2) Input appended to the URL after /policy/rules/index/sibears is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
3) The application does not properly restrict access to the lock user functionality. This can be exploited to lock or unlock arbitrary user accounts except the default admin user.
The security issue and the vulnerabilities are reported in version 4.2.3. Other versions may also be affected.
|
|
|
|
|
|
Vulnerable Products
|
|
Vulnerable OS:
Arbor Peakflow XVulnerable Software:
|
|
|
|
|
|
Solution
|
|
Reportedly, the vendor has issued a fix.
|
|
|
|
|
|
CVE
|
|
|
|
|
|
|
|
References
|
|
Positive Technologies:
http://en.securitylab.ru/lab/PT-2011-18
http://en.securitylab.ru/lab/PT-2011-24
|
|
|
|
|
|
Vulnerability Manager Detection
|
|
No
|
|
|
|
|
|
IPS Protection
|
|
|
|
|
|
|
