HP SiteScope Log Analysis Tool Remote Privilege Escalation (uncredentialed check)

Severity: High | Nessus Plugin ID 84088

Synopsis

A web application running on the remote host is affected by a privilege escalation vulnerability.

Description

The HP SiteScope application running on the remote host is affected by a privilege escalation vulnerability because the Log Analysis Tool does not restrict the log file path it will read. A remote, authenticated attacker can exploit this flaw to read the 'users.config' file, which allows escalation from the user role to the administrator role. (The "uncredentialed check" in the plugin title describes the scan, which needs no host credentials, not the attacker, who needs a valid SiteScope login.)
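The flaw class the description refers to, shown as an added example that is not from the Nessus plugin or from HP's SiteScope code: a log viewer that joins a user-supplied log name onto a log directory without checking where the result points, beside a hardened version that resolves the path and refuses anything outside the configured log root. The directory layout, file names, placeholder file contents and the `logname` parameter are all constructed for this demo and do not describe SiteScope's real request format.

```python
"""
Added example (not from the Nessus plugin or HP's SiteScope code).

vulnerable_read() shows the "unrestricted log path" pattern: a traversal
string such as "../users.config" escapes the log directory.  safe_read()
resolves the requested name and keeps it inside the log root, which also
defeats symlinks planted inside the log directory that point outside it.
File names, layout and contents below are constructed for the demo.
"""
import os
import tempfile


def vulnerable_read(log_root: str, logname: str) -> str:
    # Flaw pattern: os.path.join happily follows "../" components and, for an
    # absolute logname, discards log_root entirely.
    with open(os.path.join(log_root, logname), "r", encoding="utf-8") as fh:
        return fh.read()


def resolve_in_root(log_root: str, logname: str) -> str:
    """Return the canonical path for logname, or raise if it leaves log_root."""
    root = os.path.realpath(log_root)
    if os.path.isabs(logname):
        raise PermissionError("absolute log paths are not allowed")
    # realpath collapses "..", "." and symlinks before the containment test,
    # so a link inside the log directory cannot be used to escape it.
    candidate = os.path.realpath(os.path.join(root, logname))
    # commonpath (not startswith) avoids the "/var/logs" vs "/var/logs2" trick.
    if os.path.commonpath([root, candidate]) != root:
        raise PermissionError(f"log path escapes log root: {logname!r}")
    return candidate


def safe_read(log_root: str, logname: str) -> str:
    with open(resolve_in_root(log_root, logname), "r", encoding="utf-8") as fh:
        return fh.read()


def build_demo_tree() -> tuple[str, str]:
    """Constructed layout: <base>/users.config (sensitive) and <base>/logs/ (allowed)."""
    base = tempfile.mkdtemp(prefix="logpath_demo_")
    logs = os.path.join(base, "logs")
    os.mkdir(logs)
    with open(os.path.join(logs, "app.log"), "w", encoding="utf-8") as fh:
        fh.write("INFO started\n")
    # Placeholder contents; not the real users.config format.
    with open(os.path.join(base, "users.config"), "w", encoding="utf-8") as fh:
        fh.write("placeholder-admin-credential\n")
    # A symlink planted inside the log directory pointing at the sensitive file.
    os.symlink(os.path.join(base, "users.config"), os.path.join(logs, "latest.log"))
    return base, logs


def demo() -> dict:
    """Run both readers against the same inputs and report what each allowed."""
    base, logs = build_demo_tree()
    results = {
        # The vulnerable reader leaks the file one directory above the log root.
        "vuln_traversal": vulnerable_read(logs, "../users.config"),
        # The hardened reader still serves legitimate logs.
        "safe_normal": safe_read(logs, "app.log"),
    }
    attempts = {
        "traversal": "../users.config",
        "symlink": "latest.log",
        "absolute": os.path.join(base, "users.config"),
    }
    for label, name in attempts.items():
        try:
            safe_read(logs, name)
            results[label] = "allowed"
        except PermissionError:
            results[label] = "blocked"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The containment test must run on the canonical path (`realpath`) rather than on the string the client sent; normalising only the string still lets a symlink inside the log directory resolve to a file outside it, which is the case the `symlink` attempt exercises.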

Solution

Apply the appropriate update according to the vendor advisory.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-15-239/

http://www.nessus.org/u?7dfdc15b

Plugin Details

Severity: High

ID: 84088

File Name: hp_sitescope_HPSBGN03325.nasl

Version: 1.9

Type: remote

Family: CGI abuses

Published: 6/10/2015

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 8.7

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:P/A:C

CVSS Score Source: CVE-2015-2120

Vulnerability Information

CPE: cpe:/a:hp:sitescope

Required KB Items: installed_sw/sitescope

Exploit Ease: No known exploits are available

Patch Publication Date: 5/22/2015

Vulnerability Publication Date: 5/22/2015

Reference Information

CVE: CVE-2015-2120

BID: 74801

HP: HPSBGN03325, SSRT101902, emr_na-c04688784