Detections
Analytics
ManageEngine ServiceDesk Plus 9.1.0 < Build 9103 Multiple Vulnerabilities
high Nessus Plugin ID 85599
Language:
Synopsis
The remote web server hosts an application that is affected by multiple vulnerabilities.Description
The remote host is running ManageEngine ServiceDesk Plus version 9.1.0 prior to build 9103. It is, therefore, affected by multiple vulnerabilities :- A cross-site scripting vulnerability exists due to improper validation of user-supplied input on the 'Login' page. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code.
- A cross-site scripting vulnerability exists due to improper validation of user-supplied input when adding new software license types or options. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code.
- An unspecified flaw exists in the file attachment URL on the software details page.
- A cross-site scripting vulnerability exists due to improper validation of user-supplied input when sending reports by email. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code.
- A cross-site scripting vulnerability exists due to improper validation of user-supplied input to the 'module' and 'from' parameters when completing the 'Add new task' action. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code.
- A cross-site scripting vulnerability exists due to improper validation of user-supplied input to the 'UNIQUE_ID' parameter in the 'Solution' module. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code.
- A cross-site scripting vulnerability exists due to improper validation of user-supplied input to the email notification window. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code.
- A cross-site scripting vulnerability exists due to improper validation of user-supplied input to the request template, reminder, and technician calendar. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code.
- A security bypass vulnerability exists due to an unspecified flaw. An authenticated, remote attacker can exploit this to update incident details.
- A security bypass vulnerability exists due to an unspecified flaw. An authenticated, remote attacker can exploit this to access problem and change details.
- A cross-site scripting vulnerability exists due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code.
- A SQL injection vulnerability exists due to improper sanitization of user-supplied input before using it in SQL queries. A remote attacker can exploit this to inject or manipulate SQL queries, resulting in the manipulation or disclosure of arbitrary data.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to ManageEngine ServiceDesk Plus version 9.1.0 build 9103 or later.See Also
https://www.manageengine.com/products/service-desk/readme.html#readme91
Plugin Details
Severity: High
ID: 85599
File Name: manageengine_servicedesk_9_1_build9103.nasl
Version: 1.12
Type: remote
Family: CGI abuses
Published: 8/24/2015
Updated: 10/27/2021
Supported Sensors: Nessus
Risk Information
CVSS Score Rationale: Score based on analysis of the vendor advisory.
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: manual
CVSS v3
Risk Factor: High
Base Score: 7.3
Temporal Score: 6.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:manageengine:servicedesk_plus
Required KB Items: installed_sw/manageengine_servicedesk
Patch Publication Date: 7/23/2015
Vulnerability Publication Date: 7/23/2015