Executive Summary

Summary
Title Accellion FTP server contains information exposure and cross-site scripting vulnerabilities
Informations
NameVU#745607First vendor Publication2017-02-08
VendorVU-CERTLast vendor Modification2017-02-08
Severity (Vendor) N/ARevisionM

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base ScoreN/AAttack RangeN/A
Cvss Impact ScoreN/AAttack ComplexityN/A
Cvss Expoit ScoreN/AAuthenticationN/A
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#745607

Accellion FTP server contains information exposure and cross-site scripting vulnerabilities

Original Release date: 08 Feb 2017 | Last revised: 08 Feb 2017

Overview

The Accellion FTP server prior to version FTA_9_12_220 is vulnerable to cross-site scripting and information exposure.

Description

CWE-204: Response Discrepancy Information Exposure - CVE-2016-9499

Accellion FTP server only returns the username in the server response if the a username is invalid. An attacker may use this information to determine valid user accounts and enumerate them.

CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) - CVE-2016-9500

Accellion FTP server uses the Accusoft Prizm Content flash component, which contains multiple parameters (customTabCategoryName, customButton1Image) that are vulnerable to cross-site scripting.

For more information, please see Qualys's security advisory.

Impact

A remote attacker may be able to enumerate user accounts on the Accellion FTP server or may conduct reflected cross-site scripting attacks.

Solution

Apply an update

Both issues have been addressed in the most recent version FTA_9_12_220, released on 31 January 2017. Previously, CVE-2016-9500 was addressed in FTA_9_12_160 released on 29 November 2016.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
AccellionAffected09 Dec 201620 Jan 2017
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

GroupScoreVector
Base4.3AV:N/AC:M/Au:N/C:P/I:N/A:N
Temporal3.4E:POC/RL:OF/RC:C
Environmental2.5CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

  • https://www.qualys.com/2016/12/06/qsa-2016-12-06/qsa-2016-12-06.pdf
  • http://cwe.mitre.org/data/definitions/80.html
  • http://cwe.mitre.org/data/definitions/204.html

Credit

Thanks to Ashish Kamble for reporting this vulnerability.

This document was written by Garret Wassermann.

Other Information

  • CVE IDs:CVE-2016-9499CVE-2016-9500
  • Date Public:31 Jan 2017
  • Date First Published:08 Feb 2017
  • Date Last Updated:08 Feb 2017
  • Document Revision:29

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/745607

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2017-02-08 21:23:38
  • First insertion