Scrutinizer < 10.1.2 Multiple Vulnerabilities

high Nessus Plugin ID 65046

Synopsis

The remote host is running a web application that is affected by multiple vulnerabilities.

Description

The version of Scrutinizer NetFlow and sFlow Analyzer running on the remote host is prior to 10.1.2 and is therefore potentially affected by the following vulnerabilities:

- A blind SQL injection vulnerability exists because the 'orderby' and 'gadget' parameters of 'fa_web.cgi' fail to properly sanitize user-supplied input. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

- The application is affected by multiple persistent cross-site scripting vulnerabilities in the following parameters / modules:

  - 'BBSearchText' - New Board & Policy Manager
  - 'Mytab' - Flow Expert
  - 'newName' - MyView (CGI)
  - 'groupName' - New Users & New Group
  - 'username' - New Users & New Group
  - 'groupMembers' - Mapping / Maps (CGI)
  - 'Type' - Mapping / Maps (CGI)
  - 'Checkbox Linklike' - Mapping / Maps (CGI)
  - 'indexColumn' - Mapping / Maps (CGI)
  - 'name' - Mapping / Maps (CGI)
  - 'Object Name' - Mapping / Maps (CGI)
  - 'settings groups(checkbox)' - Mapping / Maps (CGI)
  - 'Policy Name' - Advanced Filters
  - 'Board Name' - Advanced Filters
  - 'Violators' - Advanced Filters

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Scrutinizer 10.1.2 or later.

See Also

https://seclists.org/bugtraq/2013/Feb/57

https://seclists.org/bugtraq/2013/Feb/58

http://www.nessus.org/u?92c27f55

Plugin Details

Severity: High

ID: 65046

File Name: scrutinizer_10_1_2.nasl

Version: 1.7

Type: remote

Family: CGI abuses

Published: 3/6/2013

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:dell:sonicwall_scrutinizer

Required KB Items: www/scrutinizer_netflow_sflow_analyzer

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/10/2013

Vulnerability Publication Date: 2/11/2013

Reference Information

BID: 57914, 57949

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990