Lucene search
John Page1337DAY-ID-24092HistoryAug 20, 2015 - 12:00 a.m.
Trend Micro Deep Discovery 3.7.1096 Authentication Bypass / XSS Vulnerabilities
2015-08-2000:00:00
John Page
0day.today
26
0.001 Low
EPSS
Percentile
49.9%
Exploit for php platform in category web applications
[+] Credits: John Page aka hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-DDI-0818.txt
Vendor:
================================
www.trendmicro.com
Product:
===================================
Trend Micro Deep Discovery 3.7.1096
Vulnerability Type:
===================
Authentication Bypass
CVE Reference:
==============
CVE-2015-2873
Vulnerability Details:
===========================================================
http://esupport.trendmicro.com/solution/en-US/1112206.aspx
http://www.kb.cert.org/vuls/id/248692
Trend Micro Deep Discovery Threat Appliance version 3.7.1096
Certain Deep Discovery Inspector URLs including the system log and
whitelist/blacklist are accessible to a non-administrator user
because the pages do not properly check for authorization. An
unauthenticated user without administrator privileges may thus
gain access to and modify certain system configuration settings.
Several URLs, including the system log, whitelist, and blacklist,
are accessible to a non-administrator user by direct request.
The pages do not properly check for authorization.
Impact:
=======
An authenticated user without administrator privileges may access
and modify certain system configuration settings.
Description:
==========================================================
Request Method(s): [+] GET
Vulnerable Product: [+] Trend Micro Deep Discovery 3.7.1096
Vulnerable Parameter(s): [+] syslog, whitelist, blacklist
Affected Area(s): [+] Trend Micro Deep Discovery
Vulnerability Details:
==========================================================
http://esupport.trendmicro.com/solution/en-US/1112206.aspx
http://www.kb.cert.org/vuls/id/248692
Deep Discovery Inspector is vulnerable to XSS attacks that
could allow an unauthenticated user to execute malicious content.
On some legacy browsers like IE 7 with a low Security Level,
Deep Discovery Inspector is vulnerable to XSS that allows an
unauthenticated user to execute malicious content through the index.php
The widget implementation is vulnerable to XSS that allows an
unauthenticated user to execute malicious content.
Exploit code(s):
===============
https://localhost/widget/index.php?menuUrl=1&contentUrl='"%25;alert('XSS+By+hyp3rlinx+\nMarch+2015')//
# 0day.today [2018-01-09] #Related
cert
cert
openvas
openvas
securityvulns
securityvulns
Trend Micro Deep Discovery security vulnerabilities
2015-08-24 00:00:00
Trend Micro Deep Discovery XSS
2015-08-24 00:00:00
Trend Micro Deep Discovery Authentication Bypass
2015-08-24 00:00:00
cve
cve
CVE-2015-2872
2015-08-23 15:59:01
CVE-2015-2873
2015-08-23 15:59:02
prion
prion
Cross site scripting
2015-08-23 15:59:00
Design/Logic Flaw
2015-08-23 15:59:00
nvd
nvd
CVE-2015-2872
2015-08-23 15:59:01
CVE-2015-2873
2015-08-23 15:59:02
packetstorm
packetstorm
Trend Micro Deep Discovery 3.7.1096 Cross Site Scripting
2015-08-18 00:00:00
Trend Micro Deep Discovery 3.7.1096 Authentication Bypass
2015-08-18 00:00:00
cvelist
cvelist
CVE-2015-2872
2015-08-23 15:00:00
CVE-2015-2873
2015-08-23 15:00:00