Ipswitch WhatsUp Gold < 16.4 Multiple Vulnerabilities

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

An application installed on the remote host is affected by multiple
vulnerabilities.

Description :

The remote host has a version of Ipswitch WhatsUp Gold installed that
is prior to 16.4.0. It is, therefore, affected by the following
vulnerabilities :

- Multiple SQL injection vulnerabilities exist due to
improper sanitization of user-supplied input to the
'sUniqueID' parameter and the 'find device' field. An
authenticated, remote attacker can exploit this to
inject or manipulate SQL queries in the back-end
database, resulting in the manipulation or disclosure of
arbitrary data. (CVE-2015-6004)

- Multiple cross-site scripting vulnerabilities exist due
to improper validation of user-supplied input to SNMP
OID objects, SNMP trap messages, the View Names field,
the Group Names field, the Flow Monitor Credentials
field, the Flow Monitor Threshold Name field, the Task
Library Name field, the Task Library Description field,
the Policy Library Name field, the Policy Library
Description field, the Template Library Name field, the
Template Library Description field, the System Script
Library Name field, the System Script Library
Description field, and the CLI Settings Library
Description field. An authenticated, remote attacker
can exploit this, via a specially crafted request, to
execute arbitrary script code in a user's browser
session. (CVE-2015-6005)

- A SQL injection vulnerability exists due to improper
validation of serialized XML objects in the
DroneDeleteOldMeasurements SOAP request handler. A
remote attacker can exploit this, via a crafted SOAP
request, to inject or manipulate SQL queries in the
back-end database, resulting in the manipulation or
disclosure of arbitrary data. (CVE-2015-8261)

See also :

http://www.nessus.org/u?5f41f179

Solution :

Upgrade to Ipswitch WhatsUp Gold 16.4.0 or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 88097

Bugtraq ID: 79506
80021

CVE ID: CVE-2015-6004
CVE-2015-6005
CVE-2015-8261
