VAR-201209-0281

Vulnerability from variot - Updated: 2023-12-18 13:44

Multiple cross-site request forgery (CSRF) vulnerabilities in Parallels H-Sphere 3.3 Patch 1 allow remote attackers to hijack the authentication of admins for requests that (1) add group plans via admin/group_plans.html or (2) add extra packages via admin/extra_packs/create_extra_pack.html. Parallels H-Sphere offers multi-server host automation solutions for Linux, BSD and Windows platforms. A cross-site request forgery vulnerability exists in Parallels H-Sphere. It allows an attacker to build a malicious URI, entice a user to resolve it, and perform malicious actions in the target user's context. H-Sphere includes its own control panels, automated billing, and provisioning solution in a single integrated system. It is scalable to any number of boxes — more Web, mail, database, and Windows hosting servers can be added without downtime.

Abstract:

A Vulnerability Laboratory researcher discovered multiple persistent cross site scripting vulnerabilities on Parallels H-Sphere 3.3 Patch1.

Report-Timeline:

2012-01-22: Public or Non-Public Disclosure

Status:

Published

Exploitation-Technique:

Remote

Severity:

Medium

Details:

Multiple persistent cross site scripting vulnerabilities were detected on Parallels H-Sphere 3.3 Patch1. These vulnerabilities allow a remote attacker to hijack customer sessions via persistent cross site scripting. Successful exploitation can result in account steal, client side exploitation or phishing & session hijacking. These bugs are located on the admin panel of Parallels H-Sphere 3.3 Patch1.

Vulnerable Module(s): [+] Group Module [+] Extra Package Module


Proof of Concept:

The vulnerability can be exploited by remote attackers with high account privileges (mod/admin) & required user interaction. For demonstration or reproduce ...

[Poc 1]

Open Link: http://demo.psoft.net/psoft/servlet/psoft.hsphere.CP/admin/1_0/psoft.hsphere.CP?template_name=admin/group_plans.html

choose admin post xss on Group Name: press add group. Result XSS!

[Poc 2]

Open link: http://demo.psoft.net/psoft/servlet/psoft.hsphere.CP/admin/1_0/psoft.hsphere.CP?template_name=admin/extra_packs/create_extra_pack.html

Extra Pack Name put xss code:
Extra Package Prices set fee 1 recurrent fee 1 just click submit you will see result.

Risk:

The security risk of the persistent cross site scripting vulnerabilities is estimated as medium(-).

Credits:

Vulnerability Research Laboratory - Ucha Gobejishvili (longrifle0x)

Disclaimer:

The information provided in this advisory is provided as it is without any warranty. Vulnerability-Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability-Lab. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab or its suppliers.

                        Copyright © 2012|Vulnerability-Lab

-- Website: www.vulnerability-lab.com ; vuln-lab.com or vuln-db.com Contact: admin@vulnerability-lab.com or support@vulnerability-lab.com


TITLE: Parallels H-Sphere Cross-Site Request Forgery Vulnerability

SECUNIA ADVISORY ID: SA47556

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47556/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47556

RELEASE DATE: 2012-01-24

DISCUSS ADVISORY: http://secunia.com/advisories/47556/#comments


DESCRIPTION: Vulnerability Lab has reported a vulnerability in Parallels H-Sphere, which can be exploited by malicious people to conduct cross-site request forgery attacks.

The application's web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add extra packages and group plans and conduct script insertion attacks by tricking a logged in user into visiting a malicious web site.

The vulnerability is reported in version 3.3 Patch 1. Other versions may also be affected.

SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application.

ORIGINAL ADVISORY: http://www.vulnerability-lab.com/get_content.php?id=392


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201209-0281",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "h-sphere",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "parallels",
        "version": "3.3"
      },
      {
        "model": "h-sphere",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "parallels",
        "version": "3.3 patch 1"
      },
      {
        "model": "h-sphere patch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "parallels",
        "version": "3.31"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "h sphere",
        "version": "3.3"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5ca6248e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5307"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004516"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-5004"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-414"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:parallels:h-sphere:3.3:p1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-5004"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "longrifle0x",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "108972"
      }
    ],
    "trust": 0.1
  },
  "cve": "CVE-2012-5004",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.8,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2012-5004",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "5ca6248e-2353-11e6-abef-000c29c66e3d",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2012-5004",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201209-414",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "5ca6248e-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5ca6248e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004516"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-5004"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-414"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple cross-site request forgery (CSRF) vulnerabilities in Parallels H-Sphere 3.3 Patch 1 allow remote attackers to hijack the authentication of admins for requests that (1) add group plans via admin/group_plans.html or (2) add extra packages via admin/extra_packs/create_extra_pack.html. Parallels H-Sphere offers multi-server host automation solutions for Linux, BSD and Windows platforms. A cross-site request forgery vulnerability exists in Parallels H-Sphere. Allows an attacker to build a malicious URI, entice a user to resolve, and perform malicious actions in the target user context. \nH-Sphere includes its own controls panels, automated billing, and provisioning solution in a single integrated \nsystem. It is scalable to any number of boxes \u2014 more Web, mail, database, and Windows hosting servers can be \nadded without downtime. \n\n\n\nAbstract:\n=========\nA Vulnerability Laboratory researcher discovered multiple persistant cross site scripting vulnerabilities on Parallels H-Sphere 3.3 Patch1. \n\n\nReport-Timeline:\n================\n2012-01-22: Public or Non-Public Disclosure\n\n\nStatus:\n========\nPublished\n\n\nExploitation-Technique:\n=======================\nRemote\n\n\nSeverity:\n=========\nMedium\n\n\nDetails:\n========\nMultiple persistant cross site scripting vulnerabilities where detected on Parallels H-Sphere 3.3 Patch1. \nThese vulnerabilities allow an remote attacker to hijack customer sessions via persistent cross site scripting. \nSuccessful exploitation can result in account steal, client side exploitation or phishing \u0026 session hijacking. \nThese bugs are located on the admin panel of Parallels H-Sphere 3.3 Patch1. 
\n\nVulnerbale Module(s):\n                                                                    [+] Group Module\n                                                                    [+] Extra Package Module\n\nPicture(s):\n                                                                    ../1.png\n                                                                    ../2.png\n\n\nProof of Concept:\n=================\nThe vulnerability can be exploited by remote attackers with high account privileges(mod/admin) \u0026 required user inter action. \nFor demonstration or reproduce ... \n\n[Poc 1]\n\nOpen Link: http://demo.psoft.net/psoft/servlet/psoft.hsphere.CP/admin/1_0/psoft.hsphere.CP?template_name=admin/group_plans.html\n\nchoose admin\npost xss on Group Name: \u003cIFRAME SRC=\"javascript:alert(\u0027XSS\u0027);\"\u003e\u003c/IFRAME\u003e press add group. Result XSS!\n\n[Poc 2]\nOpen link: http://demo.psoft.net/psoft/servlet/psoft.hsphere.CP/admin/1_0/psoft.hsphere.CP?template_name=admin/extra_packs/create_extra_pack.html\nExtra Pack Name put xss code: \u003cIFRAME SRC=\"javascript:alert(\u0027XSS\u0027);\"\u003e\u003c/IFRAME\u003e\nExtra Package Prices set fee 1 recurrent fee 1 just click submit you will see result. \n\n\n\nRisk:\n=====\nThe security risk of the persistant cross site scripting vulnerabilities are estimated as medium(-). \n\n\nCredits:\n========\nVulnerability Research Laboratory - Ucha Gobejishvili (longrifle0x)\n\n\nDisclaimer:\n===========\nThe information provided in this advisory is provided as it is without any warranty. Vulnerability-Lab disclaims all warranties, \neither expressed or implied, including the warranties of merchantability and capability for a particular purpose. 
Vulnerability-\nLab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business \nprofits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some \nstates do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation \nmay not apply. Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability-\nLab. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of \nother media, are reserved by Vulnerability-Lab or its suppliers. \n\n    \t\t\t\t\t\tCopyright \u00a9 2012|Vulnerability-Lab\n\n\n\n\n-- \nWebsite: www.vulnerability-lab.com ; vuln-lab.com or vuln-db.com\nContact: admin@vulnerability-lab.com or support@vulnerability-lab.com\n\n. ----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nParallels H-Sphere Cross-Site Request Forgery Vulnerability\n\nSECUNIA ADVISORY ID:\nSA47556\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47556/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47556\n\nRELEASE DATE:\n2012-01-24\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47556/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47556/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * 
Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47556\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nVulnerability Lab has reported a vulnerability in Parallels H-Sphere,\nwhich can be exploited by malicious people to conduct cross-site\nrequest forgery attacks. \n\nThe application\u0027s web interface allows users to perform certain\nactions via HTTP requests without performing any validity checks to\nverify the requests. This can be exploited to e.g. add extra packages\nand group plans and conduct script insertion attacks by tricking a\nlogged in user into visiting a malicious web site. \n\nThe vulnerability is reported in version 3.3 Patch 1. Other versions\nmay also be affected. \n\nSOLUTION:\nDo not browse untrusted websites or follow untrusted links while\nlogged in to the application. \n\nORIGINAL ADVISORY:\nhttp://www.vulnerability-lab.com/get_content.php?id=392\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. 
\n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-5004"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004516"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5307"
      },
      {
        "db": "IVD",
        "id": "5ca6248e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "PACKETSTORM",
        "id": "108972"
      },
      {
        "db": "PACKETSTORM",
        "id": "109047"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-5004",
        "trust": 3.2
      },
      {
        "db": "SECUNIA",
        "id": "47556",
        "trust": 2.3
      },
      {
        "db": "PACKETSTORM",
        "id": "108972",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "78505",
        "trust": 1.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5307",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-414",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004516",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "72628",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "5CA6248E-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "109047",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5ca6248e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5307"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004516"
      },
      {
        "db": "PACKETSTORM",
        "id": "108972"
      },
      {
        "db": "PACKETSTORM",
        "id": "109047"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-5004"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-414"
      }
    ]
  },
  "id": "VAR-201209-0281",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "5ca6248e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5307"
      }
    ],
    "trust": 1.13333334
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5ca6248e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5307"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:44:38.519000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Parallels H-Sphere",
        "trust": 0.8,
        "url": "http://www.parallels.com/jp/products/hsphere/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004516"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-352",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004516"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-5004"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://www.vulnerability-lab.com/get_content.php?id=392"
      },
      {
        "trust": 1.6,
        "url": "http://osvdb.org/78505"
      },
      {
        "trust": 1.6,
        "url": "http://packetstormsecurity.org/files/view/108972/vl-392.txt"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/47556"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72628"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5004"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5004"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/47556http"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/72628"
      },
      {
        "trust": 0.1,
        "url": "http://demo.psoft.net/psoft/servlet/psoft.hsphere.cp/admin/1_0/psoft.hsphere.cp?template_name=admin/group_plans.html"
      },
      {
        "trust": 0.1,
        "url": "http://demo.psoft.net/psoft/servlet/psoft.hsphere.cp/admin/1_0/psoft.hsphere.cp?template_name=admin/extra_packs/create_extra_pack.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/company/jobs/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/47556/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/47556/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47556"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5307"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004516"
      },
      {
        "db": "PACKETSTORM",
        "id": "108972"
      },
      {
        "db": "PACKETSTORM",
        "id": "109047"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-5004"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-414"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "5ca6248e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5307"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004516"
      },
      {
        "db": "PACKETSTORM",
        "id": "108972"
      },
      {
        "db": "PACKETSTORM",
        "id": "109047"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-5004"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-414"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-09-21T00:00:00",
        "db": "IVD",
        "id": "5ca6248e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-09-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5307"
      },
      {
        "date": "2012-09-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004516"
      },
      {
        "date": "2012-01-23T16:23:31",
        "db": "PACKETSTORM",
        "id": "108972"
      },
      {
        "date": "2012-01-24T01:28:43",
        "db": "PACKETSTORM",
        "id": "109047"
      },
      {
        "date": "2012-09-19T21:55:07.750000",
        "db": "NVD",
        "id": "CVE-2012-5004"
      },
      {
        "date": "2012-09-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-414"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-09-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5307"
      },
      {
        "date": "2012-09-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004516"
      },
      {
        "date": "2017-08-29T01:32:27.603000",
        "db": "NVD",
        "id": "CVE-2012-5004"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201209-414"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-414"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Parallels H-Sphere Cross-Site Request Forgery Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "5ca6248e-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5307"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "cross-site request forgery",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201209-414"
      }
    ],
    "trust": 0.6
  }
}

