Description
A vulnerability has been reported in various CA products, which can be exploited by malicious people to conduct cross-site scripting attacks.
Input passed to the "target" POST parameter in login.fcc (when "postpreservationdata" is set to "fail") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
The vulnerability is reported in the following versions:
* CA SiteMinder R6 SP6 CR7 and prior
* CA SiteMinder R12 SP3 CR8 and prior
* CA Federation Manager 12.1 SP3 and prior
* CA SOA Security Manager 12.1 SP3 and prior
* CA SiteMinder Secure Proxy Server 12.0 SP3 and prior
* CA SiteMinder Secure Proxy Server 6.0 SP3 and prior
* CA SiteMinder SharePoint Agent 12.0 SP3 and prior
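To illustrate the class of defect described above (a POST value reflected into the failure page without output encoding) and the two standard mitigations, here is an added example; it is not code from CA or from this advisory. The request handling is a hypothetical stand-in for a login failure page: the field names "target" and "postpreservationdata" are taken from the advisory, while the sample value, the render_* functions and is_safe_target are constructed for the demonstration.

```python
import html
import re

# Constructed sample of a login POST body of the kind the advisory describes.
# The field names come from the advisory; the value is a harmless marker
# chosen to show whether markup characters survive into the response.
SAMPLE_POST_FIELDS = {
    "postpreservationdata": "fail",
    "target": '/app/home"><b>not-markup</b>',
}

# Allowlist for a post-login redirect target: a same-origin relative path only.
_SAFE_TARGET = re.compile(r"/[A-Za-z0-9._~/?=&%-]*")


def is_safe_target(value: str) -> bool:
    """Input validation: accept only a relative path made of URL-safe characters."""
    return _SAFE_TARGET.fullmatch(value) is not None


def render_failure_page_unsafe(fields: dict) -> str:
    """Hypothetical 'before' rendering: the target value is echoed verbatim
    into an HTML attribute, so quotes and angle brackets reach the browser."""
    target = fields.get("target", "/")
    return f'<input type="hidden" name="target" value="{target}">'


def render_failure_page_safe(fields: dict) -> str:
    """Hardened rendering: reject values outside the allowlist and HTML-escape
    (including quotes) before interpolating into the attribute."""
    target = fields.get("target", "/")
    if not is_safe_target(target):
        target = "/"  # fall back to a known-good default rather than reflecting
    return f'<input type="hidden" name="target" value="{html.escape(target, quote=True)}">'


def reflects_raw_markup(page: str, submitted: str) -> bool:
    """Check used in the assertions below: True if the submitted value appears
    in the response byte-for-byte, i.e. without any encoding applied."""
    return submitted in page


if __name__ == "__main__":
    print("unsafe:", render_failure_page_unsafe(SAMPLE_POST_FIELDS))
    print("safe:  ", render_failure_page_safe(SAMPLE_POST_FIELDS))
```

The escaping step alone closes the reflection; the allowlist is worth keeping as well because a redirect target that is free-form text is also an open-redirect risk, and restricting it to a relative path removes both problems at once.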
Vulnerable Products
Vulnerable Software:
* CA SiteMinder 12.x
* CA SiteMinder 6.x
* CA SiteMinder Agent for SharePoint 12.x
* CA SiteMinder Federation 12.x
* CA SiteMinder Secure Proxy Server 12.x
* CA SiteMinder Secure Proxy Server 6.x
* CA SiteMinder Web Services 12.x
Solution
Update to a fixed version or apply the patch for your product:
* CA SiteMinder R6: Update to R6 SP6 CR8 or later.
* CA SiteMinder R12: Update to R12 SP3 CR9 or later.
* CA Federation Manager 12.1 SP3: Apply fix RS47435.
  https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=RS47435
* CA SOA Security Manager 12.1 SP3: Apply fix RS47436.
  https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=RS47436
* CA SiteMinder Secure Proxy Server 12.0 SP3: Apply fix RS47431.
  https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=RS47431
* CA SiteMinder Secure Proxy Server 6.0 SP3: Apply fix RS47432.
  https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=RS47432
* CA SiteMinder SharePoint Agent 12.0 SP3: Apply fix RS47433.
  https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=RS47433
CVE
CVE-2011-4054
References
CA (CA20111208-01):
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={A7DA8AC2-E9B4-4DDE-B828-098E0955A344}
http://community.ca.com/blogs/casecurityresponseblog/archive/2012/08/23/update-for-ca20111208-01-security-notice-for-ca-siteminder.aspx
US-CERT (VU#713012):
http://www.kb.cert.org/vuls/id/713012
Vulnerability Manager Detection
No
IPS Protection