Nokia Solutions and Networks @vantage – Multiple Reflected XSS (CVE-2015-6929)

Posted on Updated on

Document Title:
==============
Nokia Solutions and Networks @vantage - Multiple Reflected XSS

Release Date:
============
9 Sep 2015




Abstract Advisory Information:
=============================
Ugur Cihan Koc discovered twentySeven Reflected XSS
vulnerability in Nokia NSN @vantage

Vulnerability Disclosure Timeline:
=================================
24 July 2015    Bug reported to the vendor.
28 July 2015    Asked about the case.
8  Sep  2015    End of support for this product, reported by the vendor
14 Sep  2015    CVE Assigned

Discovery Status:
================
Published

Affected Product(s):
===================
Nokia NSN @vantage

Exploitation Technique:
======================
Local, Authenticated

Severity Level:
==============
Medium

Technical Details & Description:
===============================
Affected Path/Parameter[27] :

/cftraces/filter/fl_copy.jsp
    idFilter
    nameFilter
/cftraces/filter/fl_crea1.jsp
    flName
/cftraces/process/pr_show_process.jsp
    serchStatus
    refreshTime
    serchNode
/cftraces/session/se_crea.jsp
    MaxActivationTime
    NumberOfBytes
    NumberOfTracefiles
    SessionName
    serchSessionkind
/cftraces/session/se_show.jsp
    serchSessionDescription
/cftraces/session/tr_crea_filter.jsp
    serchApplication
    serchApplicationkind
/cftraces/session/tr_create_tagg_para.jsp
    columKeyUnique
    columParameter
    componentName
    criteria1
    criteria2
    criteria3
    description
    filter
    id
    pathName
    tableName
    component
/home/certificate_association.jsp
    userid

Proof of Concept (PoC):
======================
Proof of Concept

https://drive.google.com/open?id=0B-LWHbwdK3P9eTNKRkdDWGpkN2M

Solution Fix & Patch:
====================
There aren't any fix for the issue. [End of Support]

Security Risk:
=============
The risk of the vulnerability above estimated as medium.

Credits & Authors:
=================
Ugur Cihan Koc(@_uceka_)
Blog: www.uceka.com
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s