SNS: XSS on URL parameter in admin page

Advisory ID:        STORM-2020-003
CVE Number:
Date discovered:    01/16/2020
Severity:           medium
Advisory revision:  v1

Vulnerability details

There is an XSS vulnerability in the SNS UI web page, linked to the uid parameter in the URL that is sent from the authentication portal.

Impacted products

Product                       Severity  Detail
Stormshield Network Security  medium    SNS is impacted

Revisions

Version  Date        Description
v1       06/10/2020  Initial release

Stormshield Network Security

CVSS v2 Overall Score: 4.5

Analysis

An attacker can inject JavaScript code into the SNS UI page by sending a malicious link to the firewall administrator. Please note that the vulnerability only occurs if the administrator already has a tab open in their browser with an authenticated SNS UI web page.

Impacted version

  • SNS 2.0.0 to 2.7.6
  • SNS 2.8.0 to 2.15.0
  • SNS 3.0.0 to 3.7.10
  • SNS 3.8.0 to 3.10.0
  • SNS 4.0.0 to 4.0.1
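The flaw described above is a URL parameter reflected into an authenticated page without output encoding. The following Python is an added illustration of the defensive pattern that closes that class of bug (validate the identifier on input, HTML-encode it on output, and serve a restrictive Content-Security-Policy as defence in depth); it is not Stormshield's SNS code. The functions `uid_from_url`, `render_unsafe`, `render_safe` and `admin_page_response`, the `UID_PATTERN` character set and the sample URLs are assumptions constructed for this example.

```python
"""Added example: validating and encoding a reflected URL parameter.

Illustrative code, not the Stormshield SNS UI. The functions, the
identifier character set and the sample URLs are constructed assumptions.
"""
import html
import re
from urllib.parse import parse_qs, urlsplit

# Assumed identifier shape for a user id handed over by an authentication
# portal: letters, digits and a little punctuation, 1 to 64 characters.
UID_PATTERN = re.compile(r"[A-Za-z0-9_.@-]{1,64}")

# Defence in depth for any page that reflects request data: a restrictive
# CSP stops inline script from running even if an encoding step is missed.
SECURITY_HEADERS = {
    "Content-Security-Policy": "default-src 'self'; script-src 'self'; object-src 'none'",
    "X-Content-Type-Options": "nosniff",
}


def uid_from_url(url: str) -> str:
    """Extract the uid query parameter from a link ("" when absent)."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return query.get("uid", [""])[0]


def render_unsafe(uid: str) -> str:
    """Vulnerable pattern: request data concatenated straight into markup."""
    return f"<p>Logged in as {uid}</p>"


def validate_uid(uid: str) -> bool:
    """Reject anything that is not a plausible identifier."""
    return UID_PATTERN.fullmatch(uid) is not None


def encode_for_html(text: str) -> str:
    """Encode the characters that matter in an HTML text or attribute context."""
    return html.escape(text, quote=True)


def render_safe(uid: str) -> str:
    """Hardened pattern: validate on input AND encode on output."""
    if not validate_uid(uid):
        # Never echo a rejected value back; use a fixed message instead.
        return "<p>Logged in as an unknown user</p>"
    return f"<p>Logged in as {encode_for_html(uid)}</p>"


def admin_page_response(url: str) -> tuple:
    """(status, headers, body) for the admin page on the hardened path."""
    return 200, dict(SECURITY_HEADERS), render_safe(uid_from_url(url))


if __name__ == "__main__":
    # Constructed sample links: one benign, one carrying markup in the parameter.
    for link in ("https://fw.example/admin?uid=alice",
                 "https://fw.example/admin?uid=<b>not-an-id</b>"):
        uid = uid_from_url(link)
        print("unsafe:", render_unsafe(uid))
        print("safe:  ", render_safe(uid))
```

Validation and encoding are both kept because they protect different things: the allow-list stops unexpected input from reaching the template at all, while `encode_for_html` guarantees that whatever does reach it is rendered as text, so a later relaxation of the pattern cannot silently reopen the injection.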

Workaround solution

There is no workaround solution.

Solution

The 2.7.7, 2.16.0, 3.7.11, 3.10.1, 4.0.2 and 4.1.0 updates fix this vulnerability.

CVSS v2 base metrics
Access vector:           Network
Access complexity:       High
Authentication:          None
Confidentiality impact:  Complete
Integrity impact:        None
Availability impact:     None
CVSS Base score: 5.4    CVSS Vector: (AV:N/AC:H/Au:N/C:C/I:N/A:N)

CVSS v2 temporal metrics
Exploitability:     Functional exploit exists
Remediation Level:  Official fix
Report Confidence:  Confirmed
CVSS Temporal score: 4.5    CVSS Vector: (AV:N/AC:H/Au:N/C:C/I:N/A:N/E:F/RL:OF/RC:C)

CVSS v2 environmental metrics
Collateral Damage Potential:  None
Target Distribution:          High [76-100%]
CVSS Environmental score: 4.5    CVSS Vector: (AV:N/AC:H/Au:N/C:C/I:N/A:N/E:F/RL:OF/RC:C/CDP:N/TD:H/CR:ND/IR:ND/AR:ND)