Dell SonicWall 7.0/7.1 /sgms/mainPage node_id Reflected cross site scripting
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 4.1 | $0-$5k | 0.00 |
Summary
A vulnerability described as problematic has been identified in Dell SonicWall 7.0/7.1. The affected element is an unknown function of the file /sgms/mainPage. Executing a manipulation of the argument node_id with the input aaaaa";><script>alert(document.cookie);</script> can lead to cross site scripting (Reflected).
The identification of this vulnerability is CVE-2014-0332. The attack may be launched remotely. Furthermore, there is an exploit available.
Upgrading the affected component is recommended.
Details
A vulnerability classified as problematic was found in Dell SonicWall 7.0/7.1 (Firewall Software). This vulnerability affects an unknown code block of the file /sgms/mainPage. The manipulation of the argument node_id with the input value aaaaa";><script>alert(document.cookie);</script> leads to a cross site scripting vulnerability (Reflected). The CWE definition for the vulnerability is CWE-79. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. As an impact it is known to affect integrity. CVE summarizes:
Cross-site scripting (XSS) vulnerability in mainPage in Dell SonicWALL GMS before 7.1 SP2, SonicWALL Analyzer before 7.1 SP2, and SonicWALL UMA E5000 before 7.1 SP2 might allow remote attackers to inject arbitrary web script or HTML via the node_id parameter in a ScreenDisplayManager genNetwork action.
The weakness was shared 02/11/2014 by William Costa as Reflected XSS Attacks vulnerabilities in DELL SonicWALL Universal Management Suite v7.1 as confirmed mailinglist post (Full-Disclosure). The advisory is shared for download at seclists.org. This vulnerability was named CVE-2014-0332 since 12/05/2013. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. Successful exploitation requires user interaction by the victim. Technical details and also a public exploit are known. The MITRE ATT&CK project declares the attack technique as T1059.007.
A public exploit has been developed by William Costa in URL/Javascript and been published immediately after the advisory. It is possible to download the exploit at seclists.org. It is declared as highly functional.
Upgrading to version 7.2 eliminates this vulnerability.
The vulnerability is also documented in the databases at X-Force (91062), SecurityFocus (BID 65498†), OSVDB (103216†) and Secunia (SA56906†). Additional details are provided at kb.cert.org. VulDB is the best source for vulnerability data and more expert information about this specific topic.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.dell.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 4.3VulDB Meta Temp Score: 4.1
VulDB Base Score: 4.3
VulDB Temp Score: 4.1
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Name: ReflectedClass: Cross site scripting / Reflected
CWE: CWE-79 / CWE-94 / CWE-74
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Highly functional
Author: William Costa
Programming Language: 🔍
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
OpenVAS ID: 103317
OpenVAS Name: DELL SonicWALL node_id Cross Site Scripting Vulnerability
OpenVAS File: 🔍
OpenVAS Family: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Exploit Delay Time: 🔍
Upgrade: SonicWall 7.2
Timeline
12/05/2013 🔍02/11/2014 🔍
02/11/2014 🔍
02/11/2014 🔍
02/12/2014 🔍
02/14/2014 🔍
02/14/2014 🔍
12/26/2024 🔍
Sources
Vendor: dell.comAdvisory: Reflected XSS Attacks vulnerabilities in DELL SonicWALL Universal Management Suite v7.1
Researcher: William Costa
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2014-0332 (🔍)
GCVE (CVE): GCVE-0-2014-0332
GCVE (VulDB): GCVE-100-12304
CERT: 🔍
X-Force: 91062 - DELL SonicWALL GMS/Analyzer/UMA node_id cross-site scripting, Medium Risk
SecurityFocus: 65498
Secunia: 56906 - SonicWALL UMA EM5000 "node_id" Cross-Site Scripting Vulnerability, Less Critical
OSVDB: 103216
scip Labs: https://www.scip.ch/en/?labs.20161013
Misc.: 🔍
Entry
Created: 02/14/2014 09:27Updated: 12/26/2024 04:04
Changes: 02/14/2014 09:27 (70), 05/17/2018 08:44 (7), 06/09/2021 14:28 (4), 12/26/2024 04:04 (15)
Complete: 🔍
Cache ID: 216::103
VulDB is the best source for vulnerability data and more expert information about this specific topic.
No comments yet. Languages: en.
Please log in to comment.