| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
| CVE-2015-2120 | 25 May 201514:59 | – | attackerkb | |
| The vulnerability of the HP SiteScope computing resource monitoring system allows a perpetrator to increase their privileges. | 7 Jul 201600:00 | – | bdu_fstec | |
| HP SiteScope Remote Elevation of Privilege Vulnerability (CNVD-2015-03466) | 26 May 201500:00 | – | cnvd | |
| HP SiteScope Log Analyzer Information Disclosure (CVE-2015-2120) | 25 Jun 201500:00 | – | checkpoint_advisories | |
| CVE-2015-2120 | 25 May 201514:00 | – | cve | |
| CVE-2015-2120 | 25 May 201514:00 | – | cvelist | |
| EUVD-2015-2230 | 7 Oct 202500:30 | – | euvd | |
| HP SiteScope Log Analysis Tool Remote Privilege Escalation (credentialed check) | 10 Jun 201500:00 | – | nessus | |
| CVE-2015-2120 | 25 May 201514:59 | – | nvd | |
| HP SiteScope Remote Privilege Escalation Vulnerability | 14 Feb 201700:00 | – | openvas |
| Source | Link |
|---|---|
| zerodayinitiative | www.zerodayinitiative.com/advisories/ZDI-15-239/ |
| nessus | www.nessus.org/u |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(84088);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2015-2120");
script_bugtraq_id(74801);
script_xref(name:"HP", value:"emr_na-c04688784");
script_xref(name:"HP", value:"HPSBGN03325");
script_xref(name:"HP", value:"SSRT101902");
script_name(english:"HP SiteScope Log Analysis Tool Remote Privilege Escalation (uncredentialed check)");
script_summary(english:"Checks the version of HP SiteScope.");
script_set_attribute(attribute:"synopsis", value:
"A web application running on the remote host is affected by a
privilege escalation vulnerability.");
script_set_attribute(attribute:"description", value:
"The HP SiteScope application running on the remote host is affected by
a privilege escalation vulnerability due to a failure to restrict the
log path within the Log Analysis Tool. A remote, authenticated
attacker can exploit this flaw to read the 'users.config' file,
allowing an attacker to escalate privileges from the user to
administrator role.");
script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-15-239/");
# https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c04688784
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7dfdc15b");
script_set_attribute(attribute:"solution", value:
"Apply the appropriate update according to the vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:P/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-2120");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/05/22");
script_set_attribute(attribute:"patch_publication_date", value:"2015/05/22");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/06/10");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:hp:sitescope");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("hp_sitescope_detect.nasl");
script_require_keys("installed_sw/sitescope");
script_require_ports("Services/www", 8080);
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
include("install_func.inc");
appname = "sitescope";
# Stops get_http_port from branching
get_install_count(app_name:appname, exit_if_zero:TRUE);
port = get_http_port(default:8080);
install = get_single_install(app_name:appname,port:port,exit_if_unknown_ver:TRUE);
version = install['version']; # Version level always at least Major.Minor.SP
url = install['path' ];
url = build_url(port:port,qs:url);
if (
(version =~ "^11\.1[0-2](\.|$)") ||
(version =~ "^11\.2[0-3](\.|$)$") ||
# 11.24/11.13/11.30 can be affected if they aren't patched
(version == "11.30" && report_paranoia >= 2) ||
(version == "11.24" && report_paranoia >= 2) ||
(version == "11.13" && report_paranoia >= 2)
)
{
if (report_verbosity > 0)
{
fix = "11.13.4";
if(version =~ "^11\.2")
fix = "11.24 IP5";
else if(version =~ "^11\.3")
fix = "11.30 IP2";
report =
'\n URL : ' + url +
'\n Installed version : ' + version +
'\n Fixed version : ' + fix +
'\n';
security_hole(port:port, extra:report);
}
else security_hole(port);
exit(0);
}
else audit(AUDIT_WEB_APP_NOT_AFFECTED, appname, url, version);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation