CVE-2017-12544
published 2018-02-15CVE-2017-12544: A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
PriorityP432medium5.4CVSS 3.0
AVNACLPRLUIRSCCLILAN
EXPLOIT
EPSS
4.60%
90.5th percentile
A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hewlett_packard_enterprise | system_management_homepage_for_windows_and_linux | — | — |
| hp | system_management_homepage | < 7.6.1 | 7.6.1 |
Detection & IOCsextracted from sources · hover to see the quote
- →Send a GET request to /gsearch.php.en with the `prod` parameter set to the XSS payload and check the response body for the reflected string `var prodName = '';prompt\`document.domain\`;//';` with HTTP 200 and Content-Type text/html. ↗
- →Confirm exploitation by matching the reflected payload in the HTTP response body: `var prodName = '';prompt\`document.domain\`;//';` ↗
- →Verify the response Content-Type header contains `text/html` and HTTP status is 200 to confirm the vulnerable endpoint is active. ↗
- ·Vulnerability affects HPE System Management Homepage for Windows and Linux versions prior to v7.6.1 only; patched versions are not vulnerable. ↗
- ·Exploitation requires an authenticated low-privileged user (PR:L) and user interaction (UI:R), limiting opportunistic exploitation. ↗
- ·The attack can be used to steal cookie-based authentication credentials, making session hijacking a primary post-exploitation risk. ↗
CVSS provenance
nvdv3.05.4MEDIUMCVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
nvdv2.03.5LOWAV:N/AC:M/Au:S/C:N/I:P/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
HPE System Management - Cross-Site Scripting
nuclei·CVSS 5.4
CVE-2017-12544 [MEDIUM] HPE System Management - Cross-Site Scripting
HPE System Management - Cross-Site Scripting
HPE System Management contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Template:
id: CVE-2017-12544
info:
name: HPE System Management - Cross-Site Scripting
author: divya_mudgal
severity: medium
description: HPE System Management contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
impa
No writeups or analysis indexed.
http://www.securityfocus.com/bid/101029http://www.securitytracker.com/id/1039437https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_ushttp://www.securityfocus.com/bid/101029http://www.securitytracker.com/id/1039437https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us
2018-02-15
Published