nessus | This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. | MCAFEE_VULNERABILITY_MANAGER_XSS_VULNS.NASL
HistoryFeb 19, 2014 - 12:00 a.m.

McAfee Vulnerability Manager Enterprise Manager Multiple Vulnerabilities (SB10061)

2014-02-19 00:00:00
This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
www.tenable.com
14

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.4%

The version of McAfee Vulnerability Manager installed is 7.0.x prior to 7.0.11.05002, 7.5.x earlier than 7.5.4, 7.5.4 prior to 7.5.4.05007, or 7.5.5 prior to 7.5.5.05002. It is, therefore, potentially affected by multiple cross-site scripting and cross-site request forgery vulnerabilities in the Enterprise Manager component.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

# Registration pass: when the scanner loads the plugin with 'description' set,
# only this metadata block runs and the script exits (exit(0) below) before
# any of the version-check logic further down is reached.
if (description)
{
  script_id(72588);
  script_version("1.7");
  script_cvs_date("Date: 2018/11/15 20:50:27");

  # Identifiers used to correlate this finding with the CVE entries, the
  # Bugtraq record and the vendor security bulletin.
  script_cve_id("CVE-2014-1472", "CVE-2014-1473");
  script_bugtraq_id(64795);
  script_xref(name:"MCAFEE-SB", value:"SB10061");

  script_name(english:"McAfee Vulnerability Manager Enterprise Manager Multiple Vulnerabilities (SB10061)");
  script_summary(english:"Checks version of McAfee Vulnerability Manager");

  script_set_attribute(attribute:"synopsis", value:
"The remote host has a web application installed that is affected by
multiple vulnerabilities.");
  # "potentially affected": the finding is derived from the installed version
  # only; the Enterprise Manager web interface is not exercised by this plugin.
  script_set_attribute(attribute:"description", value:
"The version of McAfee Vulnerability Manager installed is 7.0.x prior to
7.0.11.05002, 7.5.x earlier than 7.5.4, 7.5.4 prior to 7.5.4.05007, or
7.5.5 prior to 7.5.5.05002.  It is, therefore, potentially affected by
multiple cross-site scripting and cross-site request forgery
vulnerabilities in the Enterprise Manager component.");
  script_set_attribute(attribute:"see_also", value:"https://www.zerodaylab.com/vulnerabilities/CVE-2014/CVE-2014-1472.html");
  script_set_attribute(attribute:"see_also", value:"https://www.zerodaylab.com/vulnerabilities/CVE-2014/CVE-2014-1473.html");
  script_set_attribute(attribute:"see_also", value:"https://kc.mcafee.com/corporate/index?page=content&id=SB10061");
  script_set_attribute(attribute:"solution", value:
"Upgrade to McAfee Vulnerability Manager 7.0.11.05002, 7.5.4.05007,
7.5.5.05002, 7.5.6 or later.");
  # CVSS v2 base: network-reachable, medium complexity, no authentication,
  # partial C/I/A impact. Temporal: exploitability unproven (E:U), official
  # fix available (RL:OF), report confirmed (RC:C).
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  # NOTE(review): the list contains CWE-79 (cross-site scripting) but not
  # CWE-352 (cross-site request forgery), although the description names
  # both weakness classes - confirm whether the omission is intentional.
  script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/01/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/01/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/02/19");

  # Declared as a local check: the result comes from knowledge-base data
  # (see the required keys below), not from a request to the web application.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mcafee:vulnerability_manager");
  script_end_attributes();

  # ACT_GATHER_INFO: information-gathering category.
  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");

  # The install-detection plugin must run first; this plugin is skipped
  # unless both the install path and the Enterprise Manager version keys
  # are present in the KB.
  script_dependencies("mcafee_vulnerability_manager_installed.nbin");
  script_require_keys("SMB/McAfee Vulnerability Manager/Path", "SMB/McAfee Vulnerability Manager EM/Version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

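# Version check for the Enterprise Manager component. Both KB values are
# mandatory: get_kb_item_or_exit() ends the plugin if either key is absent.
version = get_kb_item_or_exit("SMB/McAfee Vulnerability Manager EM/Version");
path = get_kb_item_or_exit("SMB/McAfee Vulnerability Manager/Path");

# Map the installed version to the fixed build reported for its branch.
# Anything that matches no branch is audited as not vulnerable and the
# plugin stops there.
#
# NOTE(review): every pattern requires a '.' after the third version
# component, so a value reported with only three components (for example a
# bare 7.0.5) would fall through to the not-vulnerable audit. Confirm that
# the KB value written by the detection plugin always has four components;
# otherwise this is a silent false negative.
if (version =~ '^7\\.0\\.([0-9]|10)\\.')
  # 7.0.0 - 7.0.10: always older than the 7.0.11 hotfix build.
  fix = '7.0.11.05002';
else if (version =~ '^7\\.0\\.11\\.' && ver_compare(ver:version, fix:'7.0.11.05002') < 0)
  fix = '7.0.11.05002';
else if (version =~ '^7\\.5\\.[0-3]\\.')
  # 7.5.0 - 7.5.3: flagged without a build comparison; the 7.5.5 hotfix
  # build is the one reported as the fix.
  fix = '7.5.5.05002';
else if (version =~ '^7\\.5\\.4\\.' && ver_compare(ver:version, fix:'7.5.4.05007') < 0)
  fix = '7.5.4.05007';
else if (version =~ '^7\\.5\\.5\\.' && ver_compare(ver:version, fix:'7.5.5.05002') < 0)
  fix = '7.5.5.05002';
else
  audit(AUDIT_INST_PATH_NOT_VULN, 'McAfee Vulnerability Manager Enterprise Manager', version, path);

# Record the XSS and XSRF findings in the KB. They are keyed under port 0,
# not under the SMB port the report is attached to below.
set_kb_item(name:"www/0/XSS", value:TRUE);
set_kb_item(name:"www/0/XSRF", value:TRUE);

# Attach the finding to the SMB transport port, defaulting to 445 when the
# KB has no transport recorded.
port = get_kb_item("SMB/transport");
if (!port) port = 445;

if (report_verbosity > 0)
{
  # Plain assignment: 'report' has no earlier value in this script, so the
  # original '+=' only worked by appending to an unset variable.
  report =
    '\n  Path              : ' + path +
    '\n  Installed version : ' + version +
    '\n  Fixed version     : ' + fix + '\n';
  security_warning(port:port, extra:report);
}
else security_warning(port);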
| Vendor | Product | Version | CPE |
| --- | --- | --- | --- |
| mcafee | vulnerability_manager | | cpe:/a:mcafee:vulnerability_manager |

