cnvd - cnvd-2015-08433

CNVD-2015-08433

Vulnerability from cnvd - Published: 2015-12-23

Title

Ipswitch WhatsUp Gold SQL注入漏洞

Description

Ipswitch WhatsUp Gold是一套统一的基础设施和应用监控软件。 IPswitch WhatsUp Gold存在SQL注入漏洞。由于未能正确过滤‘UniqueID’参数，允许远程攻击者利用漏洞提交特制的SQL查询，操作或获取数据库数据。

Severity

高

Patch Name

Ipswitch WhatsUp Gold SQL注入漏洞的补丁

Patch Description

Ipswitch WhatsUp Gold是一套统一的基础设施和应用监控软件。 IPswitch WhatsUp Gold存在SQL注入漏洞。由于未能正确过滤‘UniqueID’参数，允许远程攻击者利用漏洞提交特制的SQL查询，操作或获取数据库数据。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： http://www.whatsupgold.com/

Reference

http://www.securityfocus.com/bid/79506

Impacted products

Name
['Ipswitch WhatsUp Gold 15.0.2', 'Ipswitch WhatsUp Gold 15.0', 'Ipswitch WhatsUp Gold 14.2', 'Ipswitch WhatsUp Gold 14.3', 'Ipswitch WhatsUp Gold 14.4', 'Ipswitch WhatsUp Gold 14.4.1', 'Ipswitch WhatsUp Gold 15.0.1']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "79506"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-6005"
    }
  },
  "description": "Ipswitch WhatsUp Gold\u662f\u4e00\u5957\u7edf\u4e00\u7684\u57fa\u7840\u8bbe\u65bd\u548c\u5e94\u7528\u76d1\u63a7\u8f6f\u4ef6\u3002\r\n\r\nIPswitch WhatsUp Gold\u5b58\u5728SQL\u6ce8\u5165\u6f0f\u6d1e\u3002\u7531\u4e8e\u672a\u80fd\u6b63\u786e\u8fc7\u6ee4\u2018UniqueID\u2019\u53c2\u6570\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u5236\u7684SQL\u67e5\u8be2\uff0c\u64cd\u4f5c\u6216\u83b7\u53d6\u6570\u636e\u5e93\u6570\u636e\u3002",
  "discovererName": "Noam Rathaus, Owen Shearing of 7Safe Ltd., and Rapid7",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://www.whatsupgold.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-08433",
  "openTime": "2015-12-23",
  "patchDescription": "Ipswitch WhatsUp Gold\u662f\u4e00\u5957\u7edf\u4e00\u7684\u57fa\u7840\u8bbe\u65bd\u548c\u5e94\u7528\u76d1\u63a7\u8f6f\u4ef6\u3002\r\n\r\nIPswitch WhatsUp Gold\u5b58\u5728SQL\u6ce8\u5165\u6f0f\u6d1e\u3002\u7531\u4e8e\u672a\u80fd\u6b63\u786e\u8fc7\u6ee4\u2018UniqueID\u2019\u53c2\u6570\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u5236\u7684SQL\u67e5\u8be2\uff0c\u64cd\u4f5c\u6216\u83b7\u53d6\u6570\u636e\u5e93\u6570\u636e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Ipswitch WhatsUp Gold SQL\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Ipswitch WhatsUp Gold 15.0.2",
      "Ipswitch WhatsUp Gold 15.0",
      "Ipswitch WhatsUp Gold 14.2",
      "Ipswitch WhatsUp Gold 14.3",
      "Ipswitch WhatsUp Gold 14.4",
      "Ipswitch WhatsUp Gold 14.4.1",
      "Ipswitch WhatsUp Gold 15.0.1"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/79506",
  "serverity": "\u9ad8",
  "submitTime": "2015-12-20",
  "title": "Ipswitch WhatsUp Gold SQL\u6ce8\u5165\u6f0f\u6d1e"
}

CVE-2015-6005 (GCVE-0-2015-6005)

Vulnerability from cvelistv5 – Published: 2015-12-27 02:00 – Updated: 2024-08-06 07:06

Summary

Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow Monitor Credentials field, (6) the Flow Monitor Threshold Name field, (7) the Task Library Name field, (8) the Task Library Description field, (9) the Policy Library Name field, (10) the Policy Library Description field, (11) the Template Library Name field, (12) the Template Library Description field, (13) the System Script Library Name field, (14) the System Script Library Description field, or (15) the CLI Settings Library Description field.

Severity ?

No CVSS data available.

CWE

Assigner

certcc

References

URL

Tags

	https://www.kb.cert.org/vuls/id/176160	third-party-advisoryx_refsource_CERT-VN
	http://twitter.com/ipswitch/statuses/677558623229317121	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1034833	vdb-entryx_refsource_SECTRACK
	https://community.rapid7.com/community/infosec/bl…	x_refsource_MISC
	http://www.securityfocus.com/bid/79506	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:06:35.203Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#176160",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/176160"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://twitter.com/ipswitch/statuses/677558623229317121"
          },
          {
            "name": "1034833",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034833"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://community.rapid7.com/community/infosec/blog/2015/12/16/multiple-disclosures-for-multiple-network-management-systems"
          },
          {
            "name": "79506",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/79506"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-12-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow Monitor Credentials field, (6) the Flow Monitor Threshold Name field, (7) the Task Library Name field, (8) the Task Library Description field, (9) the Policy Library Name field, (10) the Policy Library Description field, (11) the Template Library Name field, (12) the Template Library Description field, (13) the System Script Library Name field, (14) the System Script Library Description field, or (15) the CLI Settings Library Description field."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-02T20:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "VU#176160",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/176160"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://twitter.com/ipswitch/statuses/677558623229317121"
        },
        {
          "name": "1034833",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034833"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://community.rapid7.com/community/infosec/blog/2015/12/16/multiple-disclosures-for-multiple-network-management-systems"
        },
        {
          "name": "79506",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/79506"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2015-6005",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow Monitor Credentials field, (6) the Flow Monitor Threshold Name field, (7) the Task Library Name field, (8) the Task Library Description field, (9) the Policy Library Name field, (10) the Policy Library Description field, (11) the Template Library Name field, (12) the Template Library Description field, (13) the System Script Library Name field, (14) the System Script Library Description field, or (15) the CLI Settings Library Description field."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#176160",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/176160"
            },
            {
              "name": "http://twitter.com/ipswitch/statuses/677558623229317121",
              "refsource": "CONFIRM",
              "url": "http://twitter.com/ipswitch/statuses/677558623229317121"
            },
            {
              "name": "1034833",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034833"
            },
            {
              "name": "https://community.rapid7.com/community/infosec/blog/2015/12/16/multiple-disclosures-for-multiple-network-management-systems",
              "refsource": "MISC",
              "url": "https://community.rapid7.com/community/infosec/blog/2015/12/16/multiple-disclosures-for-multiple-network-management-systems"
            },
            {
              "name": "79506",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/79506"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2015-6005",
    "datePublished": "2015-12-27T02:00:00",
    "dateReserved": "2015-08-14T00:00:00",
    "dateUpdated": "2024-08-06T07:06:35.203Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2015-08433

CVE-2015-6005 (GCVE-0-2015-6005)

Tags

Sightings

Nomenclature