Symantec Endpoint Protection Manager TestConnection.jsp 'Msg' Parameter XSS (SYM11-009 & SYM12-001)

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.


Synopsis :

An application hosted on the remote web server is affected by a
cross-site scripting vulnerability.

Description :

The version of Symantec Endpoint Protection Manager running on the
remote web server is affected by a cross-site scripting (XSS)
vulnerability due to improper sanitization of input to the 'Msg'
parameter in the TestConnection.jsp file. An unauthenticated, remote
attacker can exploit this vulnerability by convincing a user to make a
malicious request, resulting in the execution of arbitrary script code
in the user's browser session.

This version of Endpoint Protection Manager is affected by additional
XSS and XSRF vulnerabilities; however, Nessus has not tested for
these.

See also :

http://www.nessus.org/u?709cb392
http://www.nessus.org/u?40bbdaa6
http://www.nessus.org/u?52d2d503

Solution :

Upgrade to Symantec Endpoint Protection Manager 11 RU7 / 12.1 RU1 or
later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.6
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 57767

Bugtraq ID: 48231

CVE ID: CVE-2011-0550
