Symantec GeoTrust Security Center Blind XSS
1376
05 March 2020
31 August 2016
CLOSED
MEDIUM
6.9
SUMMARY
Symantec has addressed an issue found in the GeoTrust Security Center Management portal used for issuing digital SSL/TLS certificates. The portal was vulnerable to a blind cross-site scripting (XSS) attack due to a failure to properly sanitize user-supplied input. This could potentially allow an attacker to gain unauthorized access to information and management tools available through the GeoTrust Security Center portal.
AFFECTED PRODUCTS
PRODUCT | SOLUTION
Symantec GeoTrust Security Center | Product is already updated (hosted solution). No manual update or patching is required.
ISSUES
Symantec GeoTrust Security Center Management Console Blind Cross-Site Scripting Vulnerability
BID: N/A
Severity: Medium (CVSSv3: 6.9) - AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
Impact: Blind Cross Site Scripting
Exploitation: None
Date patched: August, 2016
The Symantec GeoTrust Security Center Management Console is vulnerable to a Blind XSS issue. XSS issues may arise when user input and server output are insufficiently validated and sanitized.
During the initial registration on Security Center, the malicious user supplies specifically formatted input to one of the required user-input fields. Following registration, this payload is stored in the backend systems and remains dormant until an internal user accesses a user-action page on the internal Security Center site and, unknown to them, triggers the specifically formatted script. Unlike in normal blind XSS attacks, an attacker taking advantage of this vulnerability may be able to control, to some extent, the target output location for the payload script. Therefore an attacker with sufficient knowledge of the site may be able to use this vulnerability to gain access to areas they are not normally permitted to access.
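The usual remedy for a stored payload of this kind is output encoding on the internal page that renders registration data, backed by validation at registration. The JavaScript below is an added illustration, not Symantec's code and not part of the original advisory; the `company` field, the record layout and all function names are assumptions, and the sample input is constructed.

```javascript
// Added illustration: names, record layout and the `company` field are assumptions.
// Constructed record as it might be stored after a registration.
const storedRegistration = {
  id: 1001,
  company: '"><script src="https://example.invalid/x.js"></script>', // constructed input
};

// Encode the characters that are significant in HTML text and quoted attributes.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable pattern: the stored value is concatenated straight into markup,
// so it can close the attribute and introduce its own element.
function renderRowUnsafe(rec) {
  return `<td>${rec.id}</td><td><input name="company" value="${rec.company}"></td>`;
}

// Hardened pattern: every stored value is encoded at the point of output,
// including on internal-only pages.
function renderRowSafe(rec) {
  return `<td>${escapeHtml(rec.id)}</td>` +
    `<td><input name="company" value="${escapeHtml(rec.company)}"></td>`;
}

// Defence in depth at registration: allow-list the field instead of
// trying to strip "bad" characters.
function validateCompany(value) {
  return typeof value === 'string' && /^[\p{L}\p{N} .,&'()-]{1,100}$/u.test(value);
}

// Second layer for the internal console: a CSP that refuses inline and
// third-party script even if an encoding call is missed somewhere.
function internalPageHeaders() {
  return {
    'Content-Security-Policy':
      "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'",
  };
}

console.log('unsafe:', renderRowUnsafe(storedRegistration));
console.log('safe:  ', renderRowSafe(storedRegistration));
console.log('accepted at registration:', validateCompany(storedRegistration.company));
```

Encoding at output is the control that matters here, because the page that renders the data is internal and the operator viewing it has no reason to suspect the record.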
MITIGATION
Symantec engineers verified and resolved this issue, performing additional extensive testing of all site content. No customer upgrade is required.
Symantec is not aware of exploitation of or adverse impact from this finding.
ACKNOWLEDGEMENTS
- Matthew Bryant (aka Mandatory)