Executive Summary
Summary | |
---|---|
Title | HP ArcSight Connector Appliance XSS vulnerability |

Information | | | |
---|---|---|---|
Name | VU#122054 | First vendor publication | 2011-07-15 |
Vendor | VU-CERT | Last vendor modification | 2011-07-15 |
Severity (vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
CVSS vector: N/A | | | |
---|---|---|---|
Overall CVSS Score | NA | | |
Base Score | NA | Environmental Score | NA |
Impact Sub Score | NA | Temporal Score | NA |
Exploitability Sub Score | NA | | |
Security-Database Scoring CVSS v2
CVSS vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) | | | |
---|---|---|---|
CVSS Base Score | 4.3 | Attack Range | Network |
CVSS Impact Score | 2.9 | Attack Complexity | Medium |
CVSS Exploit Score | 8.6 | Authentication | None Required |
Detail
Vulnerability Note VU#122054
HP ArcSight Connector Appliance XSS vulnerability

Overview
ArcSight Connector Appliance v6.0.0.60023.2, and possibly previous versions, contains a module which is vulnerable to cross-site scripting (XSS).

I. Description
Windows Event Log SmartConnector, a component of ArcSight Connector Appliance v6.0.0.60023.2, does not sanitize all input fields. As a result, cross-site scripting (XSS) attacks can be conducted. An exportable report from the Windows Event Log SmartConnector for table parameters contains a drop-down selection field for "Microsoft OS Version". In some cases, this exported report is world-writable with a default name. In the exported file an attacker can inject JavaScript code that will be run after the file is imported and the table parameters section is accessed for editing again. For example, the following JavaScript code can be injected into the "Windows XP" variable of the exported file:

ArcSight Connector Appliance version 6.1 addresses this vulnerability.

References
Thanks to Michael Rutkowski of Duer Advanced Technology and Aerospace, Inc (DATA) for reporting this vulnerability. This document was written by Jared Allar.
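A defender-side import check for the two weaknesses described above (a world-writable export file and an unvalidated drop-down value that is later rendered in the editor), added here as an example; it is not code from the advisory or from ArcSight. The flat "key = value" export format, the allow-listed OS labels and all function names are assumptions.

```python
import html
import os
import re
import stat

# Assumptions (not from the advisory): the export is a flat "key = value"
# text file and the drop-down offers exactly these labels.
OS_VERSION_FIELD = "Microsoft OS Version"
ALLOWED_OS_VERSIONS = {"Windows XP", "Windows Vista", "Windows 7",
                       "Windows Server 2003", "Windows Server 2008"}
SAFE_VALUE = re.compile(r"^[A-Za-z0-9 ._-]{1,64}$")  # other free-text fields

def is_world_writable_mode(mode):
    """True if the 'other' write bit is set, i.e. any local user could edit the file."""
    return bool(mode & stat.S_IWOTH)

def is_world_writable(path):
    """Same check against a file on disk, for the 'default name' export location."""
    return is_world_writable_mode(os.stat(path).st_mode)

def parse_report(text):
    """Parse the assumed 'key = value' export format; blank and '#' lines are skipped."""
    params = {}
    for line in text.splitlines():
        if "=" not in line or line.lstrip().startswith("#"):
            continue
        key, _, value = line.partition("=")
        params[key.strip()] = value.strip()
    return params

def sanitize_table_params(params):
    """Return (clean, findings) for fields about to be stored or rendered in the editor."""
    clean, findings = {}, []
    for key, value in params.items():
        if key == OS_VERSION_FIELD:
            # Drop-down value: exact allow-list match only, anything else is dropped.
            if value in ALLOWED_OS_VERSIONS:
                clean[key] = value
            else:
                findings.append(f"{key}: value not in drop-down list, rejected")
        elif SAFE_VALUE.match(value):
            clean[key] = value
        else:
            # Unexpected characters: escape so the value can never act as markup.
            clean[key] = html.escape(value, quote=True)
            findings.append(f"{key}: unexpected characters, stored escaped")
    return clean, findings
```

Run `is_world_writable()` on the export path before `parse_report()`; a world-writable file should be treated as untrusted even when every field passes validation.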
Original Source
Url : http://www.kb.cert.org/vuls/id/122054
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-264 | Permissions, Privileges, and Access Controls |
50 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Hardware | | 1 |
Hardware | | 1 |
Hardware | | 1 |
Hardware | | 1 |
Hardware | | 1 |
Hardware | | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
73977 | ArcSight Connector Appliance Windows Event Log SmartConnector Exported Report... |
73880 | ArcSight Connector Appliance Windows Event Log SmartConnector Microsoft OS Ve... ArcSight Connector Appliance contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'Microsoft OS Version' field upon submission to the Windows Event Log SmartConnector. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |