NetIQ Access Manager 4.0 < 4.0 SP1 Hotfix 3 Multiple Vulnerabilities

medium Nessus Plugin ID 81405

Synopsis

The remote host is running a web application affected by multiple vulnerabilities.

Description

The remote host is running a version of NetIQ Access Manager 4.0 without service pack 1 hotfix 3. It is, therefore, affected by the following vulnerabilities :

- An XML Entity Injection (XXE) flaw exists in the 'query' parameter of the webacc servlet that can allow an authenticated user to view the contents of any file on the system that the user running the web application has access to, including the '/etc/password' file.
(CVE-2014-5214)

- An authenticated user, via the 'debug.jsp' and 'dev_services.jsp' pages, can gain access to the following protected system properties :
- com.volera.vcdn.monitor.password
- com.volera.vcdn.alert.password
- com.volera.vcdn.sync.password
- com.volera.vcdn.scheduler.password
- com.volera.vcdn.publisher.password
- com.volera.vcdn.application.sc.scheduler.password
- com.volera.vcdn.health.password (CVE-2014-5215)

- Multiple reflected cross-site scripting (XSS) flaws exist in the parameters on various pages.
(CVE-2014-5216)

- A cross-site request forgery (XSRF) vulnerability exists in the webacc servlet that allows an attacker, using a specially crafted request, to change the administrative password of the Administration Console. However, an administrator must be tricked into executing the request within the context of an authenticated session.
(CVE-2014-5217)

Solution

Upgrade to Access Manager 4.0 Service Pack 1 and apply Hotfix 3

See Also

https://support.microfocus.com/kb/doc.php?id=7015993

https://support.microfocus.com/kb/doc.php?id=7015994

https://support.microfocus.com/kb/doc.php?id=7015995

https://support.microfocus.com/kb/doc.php?id=7015996

https://support.microfocus.com/kb/doc.php?id=7015997

http://www.nessus.org/u?ad1a1c9a

Plugin Details

Severity: Medium

ID: 81405

File Name: netiq_access_manager_4SP1HF3.nasl

Version: 1.7

Type: combined

Family: CGI abuses

Published: 2/18/2015

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:netiq:access_manager

Required KB Items: installed_sw/NetIQ Access Manager

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/18/2014

Vulnerability Publication Date: 12/18/2014

Reference Information

CVE: CVE-2014-5214, CVE-2014-5215, CVE-2014-5216, CVE-2014-5217

BID: 71745, 71754, 71755, 71826