Zenoss < 4.2.5 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 8594


The remote server hosting Zenoss Core is running an outdated and vulnerable version.


Versions of Zenoss prior to 4.2.5 are unpatched and potentially affected by multiple vulnerabilities :

- Prone to a cross-site request forgery that could be used to trick a user into changing their password.(ZEN-12653)

- A stored cross-site scripting vulnerability on pages which display device names and details.(ZEN-15381)

- Multiple information-disclosure vulnerabilities due to the stack trace returning sensitive information when renaming a product with special characters.(ZEN-15382)

- An open redirect vulnerability exposed in the login form.(ZEN-11998)

- Remote code execution vulnerability which can occur via Version Check.(ZEN-12657)

- Authorization Bypass allowing an attacker to move or execute files on the server remotely.(ZEN-15386)

- A cross-site request forgery which leads to ZenPack installation at time of server boot.(ZEN-15388)

- Login sessions to Zenoss do not expire.(ZEN-12691)

- Information Disclosure permitting unprivileged users to list all users of Zenoss.(ZEN-15389)

- Multiple logon vulnerabilities due to insecure password hashing, low complexity requirements, and plaintext credential storage on the server.(ZEN-15413, ZEN-15406, ZEN-15416, ZEN-10148)

- Authorization bypass exists in Zope web platform invoked through as web endpoints through numerous helper methods.(ZEN-15407)

- Unnecessary exposed services in default Zenoss configuration.(ZEN-15408)

- Several stored and reflected cross-site scripting vulnerabilities due to the way data is displayed on asset detail pages.(ZEN-15410)

- Denial of Service vulnerability on a publicly accessible endpoint of Zenoss to specify an exhaustive regex which could render the application inaccessible.(ZEN-15411)

- Page Command for sysadmins via Zenoss can be edited without password re-entry.(ZEN-15412)

- "Billion Laughs" Denial of Service vulnerability which can result in remote code execution.(ZEN-15414, ZEN-15415)


Upgrade to Zenoss Core 4.2.5 or later.

See Also



Plugin Details

Severity: High

ID: 8594

Family: CGI

Published: 2014/12/09

Modified: 2016/02/05

Dependencies: 8593

Risk Information

Risk Factor: High


Base Score: 8.5

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:U/RC:C


Base Score: 7.5

Temporal Score: 7


Temporal Vector: CVSS3#E:P/RL:U/RC:C

Vulnerability Information

CPE: cpe:/a:zenoss:http_server

Patch Publication Date: 2014/12/08

Vulnerability Publication Date: 2014/12/05

Reference Information

CVE: CVE-2014-6253, CVE-2014-6254, CVE-2014-6255, CVE-2014-6256, CVE-2014-6257, CVE-2014-6258, CVE-2014-6259, CVE-2014-6260, CVE-2014-6261, CVE-2014-6262, CVE-2014-9245, CVE-2014-9246, CVE-2014-9247, CVE-2014-9248, CVE-2014-9249, CVE-2014-9250, CVE-2014-9251, CVE-2014-9252

BID: 71541, 71540, 71539, 71538, 71537, 71536, 71535, 71533, 71532, 71531, 71530, 71529, 71528, 71527, 71526, 71525, 71524, 71523