HP Operations Orchestration 10.x Remote Information Disclosure
2015-05-12T00:00:00
ID HP_OPERATIONS_ORCHESTRATION_HPSBMU03291.NASL Type nessus Reporter This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2015-05-12T00:00:00
Description
The remote host has a version of HP Operations Orchestration installed
that is 10.x prior to 10.21.0001. It is, therefore, affected by an
information disclosure vulnerability. A remote, authenticated attacker
can exploit this, via PowerShell (PS) script operations, to obtain
user passwords and other sensitive information.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
# Description pass: this branch only registers plugin metadata and then
# exits via the exit(0) at its end. The actual version check is the code
# that follows the block.
if (description)
{
# Plugin identity: Nessus plugin ID, plugin revision and last-modified date.
script_id(83348);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
# Cross-references used to correlate the finding with other feeds:
# the CVE, the Bugtraq ID and the HP bulletin / document identifiers.
script_cve_id("CVE-2015-2108");
script_bugtraq_id(73320);
script_xref(name:"HP", value:"HPSBMU03291");
script_xref(name:"HP", value:"SSRT101980");
script_xref(name:"HP", value:"emr_na-c04595417");
# Name and one-line summary. The summary states that this is a version
# check, so a finding is inferred from the detected version and does not
# prove that the flaw was exercised.
script_name(english:"HP Operations Orchestration 10.x Remote Information Disclosure");
script_summary(english:"Checks the HP Operations Orchestration version.");
# Synopsis and long description shown in scan results.
script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by remote information disclosure
vulnerability.");
script_set_attribute(attribute:"description", value:
"The remote host has a version of HP Operations Orchestration installed
that is 10.x prior to 10.21.0001. It is, therefore, affected by an
information disclosure vulnerability. A remote, authenticated attacker
can exploit this, via PowerShell (PS) script operations, to obtain
user passwords and other sensitive information.");
# https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c04595417
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a6ac93df");
# Remediation: the fixed release named here is the same value the check
# compares against further down.
script_set_attribute(attribute:"solution", value:
"Upgrade to HP Operations Orchestration 10.21.0001 or later.");
# CVSS v2 base vector: network access vector, medium access complexity,
# single authentication, partial confidentiality impact, no integrity or
# availability impact.
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N");
# CVSS v2 temporal vector: exploitability unproven (E:U), official fix
# available (RL:OF), report confidence confirmed (RC:C).
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
# Exploit status as recorded by the plugin author.
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
# Timeline: disclosure and patch share the same date; the plugin was
# published about two months later.
script_set_attribute(attribute:"vuln_publication_date", value:"2015/03/16");
script_set_attribute(attribute:"patch_publication_date", value:"2015/03/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/05/12");
# Plugin type and the CPE of the product being checked.
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:hp:operations_orchestration");
script_end_attributes();
# Scheduling category and plugin family.
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
# Prerequisites: the detection plugin is declared as a dependency and the
# "installed_sw/HP Operations Orchestration" KB key is required.
# NOTE(review): presumably that key is written by the detection plugin; it
# is a compiled .nbin and cannot be inspected from here - confirm.
script_dependencies("hp_operations_orchestration_detect.nbin");
script_require_keys("installed_sw/HP Operations Orchestration");
# Ports the plugin is associated with: any identified web service, plus
# 8080 and 8443.
script_require_ports("Services/www", 8080, 8443);
# End of the description pass; nothing below runs in this mode.
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
include("install_func.inc");
# Version-based check for CVE-2015-2108. This block makes no request that
# exercises the flaw: the verdict is derived from the version stored for
# the detected install, so a finding means "version is in the affected
# range" and should be confirmed against the host's real patch level.
appname = "HP Operations Orchestration";
port = get_http_port(default:8080);

# Stops here when no install of the application has been recorded.
get_install_count(app_name:appname, exit_if_zero:TRUE);

# Pick up the install bound to this port and the two fields used below.
install = get_single_install(app_name:appname, port:port);
version = install['version'];
dir = install['path'];

# URL of the install, used only in audit and report messages.
install_url = build_url(port:port, qs:dir);

# No verdict is possible without a version.
if (version == UNKNOWN_VER)
  audit(AUDIT_UNKNOWN_WEB_APP_VER, appname, install_url);

# Affected range: versions starting with "10." that compare lower than
# 10.21.0001. Everything else is audited as not affected.
# NOTE(review): the NVD record for CVE-2015-2108 lists 9.x as well as 10.x.
# A 9.x install falls into the "not affected" branch here, so a clean result
# from this plugin does not clear 9.x hosts for that CVE.
# NOTE(review): strict:FALSE is passed through to ver_compare(); its exact
# effect is defined in the include libraries - confirm there.
if (!(version =~ '^10\\.' && ver_compare(ver:version, fix:"10.21.0001", strict:FALSE) < 0))
  audit(AUDIT_WEB_APP_NOT_AFFECTED, appname, install_url, version);
else
{
  # Report on the port; the detail text is attached only when the scan's
  # report verbosity is above zero.
  if (report_verbosity <= 0)
    security_note(port:port);
  else
  {
    report =
      '\n URL : ' + install_url +
      '\n Installed version : ' + version +
      '\n Fixed version : 10.21.0001\n';
    security_note(port:port, extra:report);
  }
  exit(0);
}
{"id": "HP_OPERATIONS_ORCHESTRATION_HPSBMU03291.NASL", "bulletinFamily": "scanner", "title": "HP Operations Orchestration 10.x Remote Information Disclosure", "description": "The remote host has a version of HP Operations Orchestration installed\nthat is 10.x prior to 10.21.0001. It is, therefore, affected by an\ninformation disclosure vulnerability. A remote, authenticated attacker\ncan exploit this, via PowerShell (PS) script operations, to obtain\nuser passwords and other sensitive information.", "published": "2015-05-12T00:00:00", "modified": "2015-05-12T00:00:00", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}, "href": "https://www.tenable.com/plugins/nessus/83348", "reporter": "This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?a6ac93df"], "cvelist": ["CVE-2015-2108"], "type": "nessus", "lastseen": "2021-01-20T11:31:56", "edition": 27, "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-2108"]}, {"type": "kaspersky", "idList": ["KLA10520"]}], "modified": "2021-01-20T11:31:56", "rev": 2}, "score": {"value": 4.9, "vector": "NONE", "modified": "2021-01-20T11:31:56", "rev": 2}, "vulnersScore": 4.9}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83348);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-2108\");\n script_bugtraq_id(73320);\n script_xref(name:\"HP\", value:\"HPSBMU03291\");\n script_xref(name:\"HP\", value:\"SSRT101980\");\n script_xref(name:\"HP\", value:\"emr_na-c04595417\");\n\n script_name(english:\"HP Operations Orchestration 10.x Remote Information Disclosure\");\n script_summary(english:\"Checks the HP Operations Orchestration version.\");\n\n 
script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by remote information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host has a version of HP Operations Orchestration installed\nthat is 10.x prior to 10.21.0001. It is, therefore, affected by an\ninformation disclosure vulnerability. A remote, authenticated attacker\ncan exploit this, via PowerShell (PS) script operations, to obtain\nuser passwords and other sensitive information.\");\n # https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c04595417\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a6ac93df\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to HP Operations Orchestration 10.21.0001 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:hp:operations_orchestration\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"hp_operations_orchestration_detect.nbin\");\n script_require_keys(\"installed_sw/HP Operations Orchestration\");\n script_require_ports(\"Services/www\", 8080, 8443);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\nport = get_http_port(default:8080);\nappname = \"HP Operations Orchestration\";\n\nget_install_count(app_name:appname, exit_if_zero:TRUE);\n\ninstall = get_single_install(app_name:appname, port:port);\n\ndir = install['path'];\nversion = install['version'];\n\ninstall_url = build_url(port:port, qs:dir);\n\nif (version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_WEB_APP_VER, appname, install_url);\n\nif (version =~ '^10\\\\.' && ver_compare(ver:version, fix:\"10.21.0001\", strict:FALSE) < 0)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' + install_url +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 10.21.0001\\n';\n security_note(port:port, extra:report);\n }\n else security_note(port:port);\n exit(0);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, appname, install_url, version);\n", "naslFamily": "CGI abuses", "pluginID": "83348", "cpe": ["cpe:/a:hp:operations_orchestration"], "scheme": null}
{"cve": [{"lastseen": "2021-02-02T06:21:22", "description": "Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.", "edition": 4, "cvss3": {}, "published": "2015-03-31T10:59:00", "title": "CVE-2015-2108", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.5, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2108"], "modified": "2016-11-30T03:01:00", "cpe": ["cpe:/a:hp:operations_orchestration:9.0", "cpe:/a:hp:operations_orchestration:10.0"], "id": "CVE-2015-2108", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2108", "cvss": {"score": 3.5, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:hp:operations_orchestration:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:hp:operations_orchestration:9.0:*:*:*:*:*:*:*"]}], "kaspersky": [{"lastseen": "2020-09-02T11:56:07", "bulletinFamily": "info", "cvelist": ["CVE-2015-2108", "CVE-2015-2109"], "description": "### *Detect date*:\n03/31/2015\n\n### *Severity*:\nCritical\n\n### *Description*:\nAn unspecified vulnerabilities were found in HP Operations Orchestration. By exploiting these vulnerabilities malicious users can bypass authentication,obtain sensitive information or modify data. 
These vulnerabilities can be exploited remotely via an unknown vector.\n\n### *Affected products*:\nHP Operations Orchestration 9.x \nHP Operations Orchestration 10.x\n\n### *Solution*:\nUpdate HP Operations Orchestration to the latest version \n[Get HP Operations Orchestration](<http://www8.hp.com/us/en/software-solutions/operations-orchestration-it-process-automation/>)\n\n### *Original advisories*:\n[HP security bulletin](<https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595607>) \n[HP security bulletin](<https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04595417>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[HP Operations Orchestration](<https://threats.kaspersky.com/en/product/HP-Operations-Orchestration/>)\n\n### *CVE-IDS*:\n[CVE-2015-2109](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2109>)7.5Critical \n[CVE-2015-2108](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2108>)3.5Warning", "edition": 41, "modified": "2020-05-22T00:00:00", "published": "2015-03-31T00:00:00", "id": "KLA10520", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10520", "title": "\r KLA10520Multiple vulnerabilities in HP Operations Orchestration ", "type": "kaspersky", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}