CVE-2020-10372 in AltitudeCDN Altimeter

Summary

by MITRE

Ramp AltitudeCDN Altimeter before 2.4.0 allows authenticated Stored XSS via the vdms/ipmapping.jsp location field to the dms/rest/services/datastore/createOrEditValueForKey URI.


Analysis

by VulDB Data Team • 05/10/2025

The vulnerability identified as CVE-2020-10372 affects Ramp AltitudeCDN Altimeter versions prior to 2.4.0, representing a critical stored cross-site scripting flaw that can be exploited by authenticated attackers. This vulnerability resides within the web application's input handling mechanisms, specifically in the vdms/ipmapping.jsp component where user-supplied data is processed and stored without adequate sanitization. The affected parameter is the location field which is subsequently passed through to the dms/rest/services/datastore/createOrEditValueForKey URI endpoint, creating a persistent XSS attack vector that can compromise user sessions and execute malicious code within the context of the vulnerable application.

Exploiting this vulnerability requires an authenticated user with sufficient privileges to edit the location field in the ipmapping.jsp interface. Input submitted through this field is stored in the application's backend datastore and later rendered in the web interface without proper output encoding or validation. The stored data is then served to other users who access the affected functionality, so a script placed in the field executes in those users' browsers. The vulnerability falls under CWE-79, which covers cross-site scripting flaws, and aligns with ATT&CK technique T1566.001 for initial access through malicious web content, making it particularly dangerous in environments where multiple users interact with the affected system.

The operational impact of this vulnerability extends beyond simple script execution, as it can enable attackers to steal session cookies, perform unauthorized actions on behalf of victims, and potentially escalate privileges within the application. Since the vulnerability affects the data storage layer, any user with access to the ipmapping.jsp functionality can become a vector for broader attacks against other users within the same application environment. The persistence of the stored XSS means that malicious payloads remain active until explicitly removed from the system, creating a long-term threat that can be leveraged for extended reconnaissance and attack operations. Organizations using affected versions of Ramp AltitudeCDN Altimeter face significant risk of unauthorized access, data exfiltration, and potential system compromise through this vulnerability.

Mitigation strategies should focus on immediate patching of the affected software to version 2.4.0 or later, which contains the necessary input validation and output encoding fixes. Additionally, implementing proper input sanitization measures at the application level, including the validation of all user-supplied data before storage, and applying appropriate output encoding when rendering user content can prevent similar vulnerabilities. Network-level protections such as web application firewalls and content security policies should also be configured to detect and block suspicious input patterns. Regular security assessments and penetration testing of web applications should be conducted to identify similar vulnerabilities in other components, while implementing secure coding practices and input validation frameworks can help prevent future occurrences of stored XSS vulnerabilities in the application codebase.
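The fix the analysis describes is output encoding at render time. The following is an added illustration, not Ramp's code: an in-memory Python stand-in for the key/value datastore, the unencoded ("before") rendering of the stored location value, the encoded rendering, and an audit check that flags a stored value reaching the page verbatim while containing HTML metacharacters. The datastore, the table-cell markup and the sample value are all constructed assumptions.

```python
import html
from typing import Dict

# Constructed stand-in for the Altimeter datastore behind
# createOrEditValueForKey; the real backend is not modelled here.
datastore: Dict[str, str] = {}


def create_or_edit_value_for_key(key: str, value: str) -> None:
    """Store the value unchanged. Raw storage is acceptable only if every
    render path encodes the value for the context it lands in."""
    datastore[key] = value


def render_location_vulnerable(key: str) -> str:
    """'Before' behaviour from the advisory: the stored location is
    interpolated into HTML with no output encoding."""
    return f'<td class="location">{datastore.get(key, "")}</td>'


def render_location_fixed(key: str) -> str:
    """Hardened rendering: HTML-entity encode the value once with quotes
    escaped, so it is inert both as a text node and inside a quoted
    attribute (here a constructed title attribute)."""
    safe = html.escape(datastore.get(key, ""), quote=True)
    return f'<td class="location" title="{safe}">{safe}</td>'


def contains_active_markup(rendered: str, stored: str) -> bool:
    """Audit check: True when a stored value containing HTML
    metacharacters appears verbatim in the rendered output, i.e. an
    encoding step was skipped on that render path."""
    return any(c in stored for c in '<>"\'') and stored in rendered


# Defence in depth alongside encoding: a restrictive CSP response header
# (constructed policy; tune to the application's real script origins).
CSP_HEADER = ("Content-Security-Policy",
              "default-src 'self'; script-src 'self'; object-src 'none'")


if __name__ == "__main__":
    # Constructed sample: benign text that still carries HTML metacharacters.
    create_or_edit_value_for_key("loc:10.0.0.5", 'Lab <b>East</b> "A"')
    for name, fn in (("vulnerable", render_location_vulnerable),
                     ("fixed", render_location_fixed)):
        out = fn("loc:10.0.0.5")
        flagged = contains_active_markup(out, datastore["loc:10.0.0.5"])
        print(f"{name:10} flagged={flagged} {out}")
```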

Reservation

03/10/2020

Moderation

accepted

CPE

ready

EPSS

0.00612

KEV

no

Activities

very low

Sources
