Symantec Security Response - SMNTC-1383
Published: Oct 31, 2016, 8:00 a.m.

Symantec IT Management Suite Multiple Issues

EPSS: 0.001 (percentile 45.7%)

SUMMARY

Symantec has released updates to address two security issues: a cross-site scripting (XSS) issue and a denial of service (DoS) issue reported in the Symantec IT Management Suite (ITMS) workflow process manager console.

AFFECTED PRODUCTS

Symantec IT Management Suite Workflow Process Manager Console

CVE                          | Affected Version(s) | Remediation
-----------------------------+---------------------+-------------------
CVE-2016-6588, CVE-2016-6589 | Prior to 8.0 HF4    | Upgrade to 8.0 HF4

ISSUES

CVE-2016-6588

Severity/CVSSv3: Medium / 6.7  AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
References:      SecurityFocus BID 93952 / NVD CVE-2016-6588
Impact:          Cross-site scripting
Description:

Symantec was notified of a reflected cross-site scripting (XSS) issue in the ITMS 8.0 workflow process manager console. The console failed to properly filter user-supplied input from an HTTP request before reflecting it back in the response.

XSS issues result from insufficient validation/sanitization of user input and encoding of server output. Exploitation is possible if a properly authenticated user clicks a maliciously crafted link, or if an authenticated user with access to the management console submits a specifically formatted HTTP request. Depending on the crafted input, arbitrary HTML and script can be rendered and executed in the user's browser within the context of that user's console session, potentially allowing unauthorized access to or modification of ITMS information.

An external attacker wanting to take advantage of this issue would need to entice an authorized console user to visit a malicious website or click a malicious HTML link in an email.

In a typical installation, the Symantec ITMS workflow process manager console should not be accessible from outside the network environment, and access should be restricted to specified users/administrators. Web browsers used by authorized users to manage the Symantec ITMS workflow process manager should never be used to browse external websites during an active administrative session. These restrictions greatly reduce exposure to external exploit attempts.

CVE-2016-6589

Severity/CVSSv3: Low / 3.0  AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
References:      SecurityFocus BID 93951 / NVD CVE-2016-6589
Impact:          Denial of service
Description:

The ITMS workflow process manager console login window does not properly validate user input, including its size. An authorized network user with access to the workflow process manager console application could submit very large quantities of data to the login form, reducing the responsiveness of the console application's functionality.
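Both issues above come down to how a login page handles what the client sends: CVE-2016-6588 reflects a request parameter into the HTML without encoding, and CVE-2016-6589 accepts an unbounded amount of data in the login form. The following is an added, constructed illustration, not Symantec code and not a model of the real ITMS console: a minimal "before" handler that echoes a user name verbatim, a "fixed" handler that caps the field length and HTML-encodes the value, the crafted link an attacker would send, and the scanner-style check that tells the two apart. The host name, the `MAX_FIELD_LEN` cap and the handler names are assumptions made for the example.

```python
"""Reflected XSS and oversized input on a login page: a constructed example.

This is an added illustration, not Symantec code. The handlers, the
MAX_FIELD_LEN cap and the host name are assumptions made for the example
and do not model the real ITMS console.
"""
import html
from urllib.parse import urlencode, parse_qs, urlsplit

# Hypothetical upper bound on one login field. The advisory gives no figure.
MAX_FIELD_LEN = 256

# Constructed probe: a harmless marker a tester submits to see whether
# the page reflects it unchanged.
PROBE = "<script>alert(document.cookie)</script>"


def craft_link(base_url: str, payload: str) -> str:
    """The link an attacker would send to a console user.

    The payload is URL-encoded into the query string, so it survives
    transport intact and is decoded by the server on arrival.
    """
    return base_url + "?" + urlencode({"user": payload})


def params_from_link(url: str) -> dict:
    """What the server receives once the victim's browser follows the link."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}


def render_login_error_vulnerable(params: dict) -> str:
    """'Before': the submitted user name is echoed verbatim into the HTML.

    Anything in the parameter, markup and script included, becomes part
    of the page and runs with the viewer's authenticated session.
    """
    user = params.get("user", "")
    return f"<p>Login failed for user {user}</p>"


def render_login_error_fixed(params: dict) -> str:
    """'After': bound the input size, then HTML-encode before reflecting."""
    user = params.get("user", "")
    if len(user) > MAX_FIELD_LEN:
        # Fixed-size reply; the server does no further work on a flood of data.
        return "<p>Login failed: field too long</p>"
    # quote=True also encodes ' and " so the value is inert inside attributes.
    return f"<p>Login failed for user {html.escape(user, quote=True)}</p>"


def reflects_unescaped(page: str, marker: str) -> bool:
    """Scanner-style check: does the raw probe reappear verbatim in the response?"""
    return marker in page


def demo() -> dict:
    """Run the attacker's link through both handlers and report what each does."""
    # Host name is an assumption; any internal console URL would do.
    link = craft_link("https://itms.example.internal/workflow/login", PROBE)
    params = params_from_link(link)
    return {
        "vulnerable_reflects_script": reflects_unescaped(
            render_login_error_vulnerable(params), PROBE),
        "fixed_reflects_script": reflects_unescaped(
            render_login_error_fixed(params), PROBE),
        "oversized_input_rejected": "too long" in render_login_error_fixed(
            {"user": "A" * 1_000_000}),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The length check runs before any other processing so that an oversized submission costs the server a constant amount of work, and the encoding is applied at the point of output rather than on input, which is what keeps the user name displayable while preventing it from being interpreted as markup.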

ACKNOWLEDGEMENTS
