DELL SonicWALL GMS/Analyzer/UMA contains a cross-site scripting (XSS) vulnerability

Overview

DELL SonicWALL GMS/Analyzer/UMA version 7.1, and possibly earlier versions, contains a cross-site scripting (XSS) vulnerability. (CWE-79)

Description

CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

DELL SonicWALL GMS/Analyzer/UMA version 7.1 contains a cross-site scripting vulnerability. The “node_id” parameter on the page “/sgms/mainPage?page=genNetwork&screenid=1002&manager=ScreenDisplayManager&level=1&node_id” is vulnerable.

Proof-of-Concept:
hxxps://{SONICWALL}/sgms/mainPage?page=genNetwork&screenid=1002&manager=ScreenDisplayManager&level=1&node_id=aaaaa"><script>alert(document.cookie);</script>&screenid=1002&unused=&help_url=&node_name=Instance View&unitType=1&searchBySonicwall=0

---

Impact

A remote unauthenticated attacker may be able to execute arbitrary script in the context of the end-user’s browser session.

---

Solution

Apply an Update

Dell SonicWall has released version 7.1 SP2 or 7.2 to address this vulnerability. If you are unable to upgrade, please consider the following workaround.

---

Restrict access

As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not prevent XSS attacks since the attack comes as an HTTP request from a legitimate user’s host. Restricting access would prevent an attacker from accessing the interface using stolen credentials from a blocked network location.

---

Vendor Information

727318

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Dell Computer Corporation, Inc. Affected

Notified: November 20, 2013 Updated: September 17, 2015

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

• <http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_XSS_Resolved_in_7.1_SP2_and_7.2.pdf&gt;
• <https://support.software.dell.com/product-notification/128245&gt;

CVSS Metrics

Group	Score	Vector
Base	4.3	AV:N/AC:M/Au:N/C:P/I:N/A:N
Temporal	3.3	E:U/RL:ND/RC:UC
Environmental	0.8	CDP:ND/TD:L/CR:ND/IR:ND/AR:ND

References

• <http://www.sonicwall.com/us/shared/download/Support_Bulletin_GMS_Vulnerability_XSS_Resolved_in_7.1_SP2_and_7.2.pdf&gt;
• <http://cwe.mitre.org/data/definitions/79.html&gt;
• <https://support.software.dell.com/product-notification/128245&gt;

Acknowledgements

Thanks to William Costa for reporting this vulnerability.

This document was written by Jared Allar.

Other Information

CVE IDs:	CVE-2014-0332
Date Public:	2014-02-11 Date First Published: