GroundWork Monitor Enterprise 'NeDi' Component Multiple Security Vulnerabilities
BID:58408
Info
| Bugtraq ID: | 58408 |
| Class: | Input Validation Error |
| CVE: | CVE-2013-3507 CVE-2013-3508 CVE-2013-3509 CVE-2013-3511 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 08 2013 12:00AM |
| Updated: | May 22 2013 08:03PM |
| Credit: | Johannes Greil from SEC Consult Vulnerability Lab |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
The NeDi component of GroundWork Monitor Enterprise is prone to multiple privilege-escalation vulnerabilities, a command-injection vulnerability and an open-redirection vulnerability.
Exploiting these issues could allow an attacker to execute arbitrary commands, gain elevated privileges, obtain unauthorized access to sensitive information and conduct phishing attacks. Other attacks may also be possible.
GroundWork Monitor Enterprise 6.7.0 is vulnerable; other versions may also be affected.
Note: The SQL Injection and Cross Site Scripting vulnerabilities have been moved to the following BIDs to better document the issues:
59778 GroundWork Monitor Enterprise CVE-2013-3510 Multiple SQL Injection Vulnerabilities
59780 GroundWork Monitor Enterprise CVE-2013-3501 Cross Site Scripting and HTML Injection Vulnerabilities
Exploit / POC
An attacker can exploit these issues through a browser. To exploit the cross-site scripting and open-redirection issues, the attacker must entice an unsuspecting victim to follow a malicious URI.
Solution / Fix
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- GroundWork Homepage (GroundWork)
- GroundWork Monitor 6.7.0 Enterprise Release Notes (GroundWork)
- Multiple high risk vulnerabilities (part 2) (SEC Consult Vulnerability Lab)
- VU#345260 GroundWork Monitor Enterprise contains multiple vulnerabilities (CERT)