Javascript in disclaimer

Advisory ID CVE Number Date discovered Severity Advisory revision
STORM-2020-011 CVE-2020-11711 04/03/2020 low v2

Vulnerability details

Javascript can be inserted in the login disclaimer.

 

Stormshield is pleased to thank DIGITEMIS for reporting this issue under responsible disclosure.

 

Impacted products

ProductsSeverityDetail
Stormshield Network Security low SNS is impacted

Revisions

Version Date Description
v1 Initial release
v2  09/10/2020 Precision about Digitemis

 



Stormshield Network Security

CVSS v2 Overall Score: 1.8      

Analysis

Impacted version

An administrator with right access can configure a login disclaimer with malicious Javascript elements that can result in data stealth.
  • SNS 3.6 to 3.10
  • SNS 4.0.0 to 4.0.4

Workaround solution

Solution

If no login disclaimer is configured in the SNS you are not impacted.

Ensure that administrators of the SNS with right access are trusted persons.

Perform a review of the code of your “login disclamer”.

3.7.13, 3.11.0, 4.1.1 updates fix this vulnerability.

 



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Adjacent Network Medium Single Partial None None
CVSS Base score: 2.3 CVSS Vector: (AV:A/AC:M/Au:S/C:P/I:N/A:N)
Exploitability Remediation Level Report Confidence
Proof of concept code Official fix Confirmed
CVSS Temporal score: 1.8 CVSS Vector: (AV:A/AC:M/Au:S/C:P/I:N/A:N/E:POC/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
None High [76-100%]
CVSS Environmental score: 1.8 CVSS Vector: (AV:A/AC:M/Au:S/C:P/I:N/A:N/E:POC/RL:OF/RC:C/CDP:N/TD:H/CR:ND/IR:ND/AR:ND)