HP SiteScope Multiple Vulnerabilities (HPESBGN03763)

high Nessus Plugin ID 101299

Synopsis

A web application running on the remote host is affected by a multiple vulnerabilities.

Description

The version of HP SiteScope running on the remote host is 11.2x or 11.3x. It is, therefore, affected by multiple vulnerabilities :

- A cryptographic weakness exists in the ss_pu.jar library due to the use of hard-coded encryption keys. A local attacker can exploit this to disclose potentially sensitive information, such as user credentials in configuration files. (CVE-2017-8949)

- A cryptographic weakness exists in the ss_pu.jar library due to the use of risky or broken cryptographic algorithms. A local attacker can exploit this to disclose potentially sensitive information, such as user credentials in configuration files. (CVE-2017-8950)

- An information disclosure vulnerability exists due to credentials stored in Credential Profiles being passed in cleartext over HTTP to the client. A local attacker can exploit this to disclose sensitive information.
(CVE-2017-8951)

- A remote code execution vulnerability exists due to improper authentication of users before allowing file access when handling SOAP calls to the SiteScope service. An unauthenticated, remote attacker can exploit this to perform unauthorized actions, such as the disclosure of arbitrary files or the execution of arbitrary code. (CVE-2017-8952)

Solution

Apply the appropriate update according to the vendor advisory.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-12-176/

https://www.kb.cert.org/vuls/id/768399/

http://www.nessus.org/u?4843ab92

http://www.nessus.org/u?c83286c6

Plugin Details

Severity: High

ID: 101299

File Name: hp_sitescope_HPESBGN03763.nasl

Version: 1.7

Type: remote

Family: CGI abuses

Published: 7/6/2017

Updated: 11/12/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2017-8952

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:hp:sitescope

Required KB Items: installed_sw/sitescope, Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/27/2017

Vulnerability Publication Date: 6/27/2017

Exploitable With

Core Impact

Reference Information

CVE: CVE-2017-8949, CVE-2017-8950, CVE-2017-8951, CVE-2017-8952

BID: 99331, 99333

CERT: 768399

HP: HPESBGN03763, emr_na-hpesbgn03763en_us

IAVA: 2017-A-0194

ZDI: ZDI-12-176