You are here

V-026: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks and Let Local Users Bypass Security Restrictions

November 16, 2012 - 6:00am

Addthis

PROBLEM:

RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks and Let Local Users Bypass Security Restrictions.

PLATFORM:

RSA Data Protection Manager Appliance versions 2.7.x and 3.x

ABSTRACT:

Two vulnerabilities were reported in RSA Data Protection Manager.

REFERENCE LINKS:

SecurityTracker Alert ID:  1027781
EMC Identifier: ESA-2012-055
RSA Worldwide Customer Support
CVE-2012-4612
CVE-2012-4613

IMPACT ASSESSMENT:

Medium

DISCUSSION:

Two vulnerabilities were reported in RSA Data Protection Manager. A remote user can conduct cross-site scripting attacks. A local user can bypass security restrictions.

The system does not properly filter HTML code from user-supplied input before displaying the input [CVE-2012-4612]. A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the RSA Data Protection Manager interface and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

RSA Data Protection Manager Appliance versions 2.7.x and 3.x (Virtual and Hardware) are also affected.

The appliance versions do not properly restrict authentication attempts [CVE-2012-4613]. A local user can conduct password guessing attacks.

IMPACT:

A remote user can access the target user's cookies (including authentication cookies), if any, associated with the RSA Data Protection Manager, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

A local user can can conduct brute force password guessing attacks without limits.

SOLUTION:

The vendor has issued a fix (3.2.1).

Addthis