Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:29975
HistoryOct 28, 2013 - 12:00 a.m.

[CVE-2013-5702] Watchguard Server Center v11.7.4 Multiple Non-Persistent Cross-Site Scripting Vulnerabilities

2013-10-2800:00:00
vulners.com
62
JSON

Watchguard Server Center v11.7.4 Multiple Non-Persistent Cross-Site
Scripting Vulnerabilities

RCE Security Advisory
http://www.rcesecurity.com

  1. ADVISORY INFORMATION

Product: Watchguard Server Center
Vendor URL: www.watchguard.com
Type: Cross-Site Scripting [CWE-79]
Date found: 2013-09-11
Date published: 2013-10-21
CVSSv2 Score: 3,5 (AV:N/AC:M/Au:S/C:N/I:P/A:N))
CVE: CVE-2013-5702

  1. CREDITS

These vulnerabilities were discovered and researched by Julien Ahrens
from RCE Security.

  1. VERSIONS AFFECTED

Watchguard Server Center v11.7.4 Update #1
and other older versions may be affected too.

  1. VULNERABILITY DESCRIPTION

Multiple Non-Persistent Cross-Site Scripting vulnerabilities have been
identified in the Watchguard Server Center v11.7.4 Update #1.

Due to improper input - validation of the following GET parameters, an
attacker could temporarily inject arbitrary code with required
authenticated user interaction into the context of the Watchguard Server
Center / current browser session. Successful exploitation of these
vulnerabilities allows for example cookie theft, session hijacking or
client side context manipulation.

Vulnerable modules and parameters:
+/log/device?sn=random&cluster_id=<XSS>&l_t=tr&name=random
+/log/device?sn=random&cluster_id=random&l_t=tr&name=<XSS>
+/log/log_html_distribution?sn=random&cluster_id=random&name=<XSS>

  1. PROOF-OF-CONCEPT (CODE / EXPLOIT)

https://192.168.0.1:4130/log/device?sn=random&amp;cluster_id=&amp;l_t=tr&amp;name=&lt;script&gt;alert&#40;&#39;rcesecurity.com&#39;&#41;&lt;/script&gt;

  1. SOLUTION

Update to Watchguard Server Center v11.8 which fixes these issues

  1. REPORT TIMELINE

2013-09-05: Discovery of the vulnerability
2013-09-05: MITRE assigns CVE-2013-5702 for this issue
2013-09-11: RCE Security sends vulnerability details to Watchguard via mail
with disclosure date set to 26. September 2013
2013-09-12: Watchguard ACKs all reported flaws, assigns bug ids: #76179 and
#76363 and shows possible mitigation factors
2013-09-26: RCE Security provides a PoC bypassing the mitigation factors and
extends disclosure date to 17. October 2013
2013-09-30: RCE Security asks for status update
2013-10-10: Watchguard releases v11.8 which fixes all reported
vulnerabilities
2013-10-21: Responsible Disclosure

  1. REFERENCES

http://www.rcesecurity.com/2013/10/cve-2013-5702-watchguard-server-center-v11-7-4-multiple-xss-vulnerabilities/
http://watchguardsecuritycenter.com/2013/10/17/xtm-11-8-secfixes/

Related

packetstorm 1
prion 1
securityvulns 1
cve 1
packetstorm
packetstorm
Watchguard Server Center 11.7.4 Cross Site Scripting
2013-10-21 00:00:00
prion
prion
Cross site scripting
2013-10-19 10:36:00
securityvulns
securityvulns
Watchguard Server Center XSS
2013-10-28 00:00:00
cve
cve
CVE-2013-5702
2013-10-19 10:36:00
JSON
Related for SECURITYVULNS:DOC:29975
packetstorm1prion1securityvulns1cve1