December 12, 2012 – Cross Site Scripting and Cross Site Request Forgery vulnerabilities in Reporter
High - CVSS v2 base score: 7.9 (AV:A/AC:M/Au:N/C:C/I:C/A:C)
No CVE has been assigned at this time.
A remote attacker can use URL links and/or malicious scripts to execute Reporter commands if the administrator has an active session in the Reporter management console.
All versions of Reporter prior to 9.4 are vulnerable. Windows, Linux, and Virtual Appliance versions are all vulnerable.
Reporter is vulnerable to reflected (non-persistent) cross site scripting (XSS) attacks. User provided data is not validated or sanitized prior to returning it in response to methods issued from the client. The CVSS score for the cross site scripting vulnerability is 2.3 (AV:A/AC:M/Au:S/C:N/I:P/A:N).
Reporter is also vulnerable to cross site request forgery (CSRF) through a variety of mechanisms. An attacker who lures a Reporter administrator to browse a malicious website can use cross site request forgery (CSRF) to submit commands to Reporter and gain control of the product. Commands that the attacker can submit include changing the password, changing the policy, and restarting the product. The CVSS score for the CSRF vulnerability is 7.9 (AV:A/AC:M/Au:N/C:C/I:C/A:C).
Customers can limit the impact of this vulnerability in these ways:
Reporter 9.3 – a fix is available in 126.96.36.199 for Windows, Linux and Virtual Reporter versions. The fix is available to customers with a valid BlueTouch Online login from https://bto.bluecoat.com/download/product/8793.
Reporter 9.2 and earlier – please upgrade to a later version.
Reporter 8.3 and earlier – please upgrade to a later version.
OWASP information about XSS – www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29
OWASP information about CSRF – https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29
Web Application Security Consortium on CSRF – http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
2012-12-12 Initial public release
Rate this Page
Please take a moment to complete this form to help us better serve you.