VMware vCenter Update Manager XSS

medium Nessus Plugin ID 47897

Synopsis

The remote web server has a cross-site scripting vulnerability.

Description

The version of VMware vCenter Update Manager running on the remote host has a cross-site scripting vulnerability. This is due to a bug in Jetty, the underlying web server. When Jetty displays a directory listing, arbitrary text can be inserted into the page.

A remote attacker could exploit this by tricking a user into making a maliciously crafted request, resulting in the execution of arbitrary script code.

It is likely this version of Update Manager also has a directory traversal vulnerability, though Nessus did not check for that issue.

Solution

Apply the update referenced in VMware's advisory.

See Also

http://jira.codehaus.org/browse/JETTY-1004

https://www.vmware.com/security/advisories/VMSA-2010-0012.html

http://www.nessus.org/u?a71f3067

Plugin Details

Severity: Medium

ID: 47897

File Name: vmware_vcenter_update_mgr_xss.nasl

Version: 1.12

Type: remote

Published: 7/29/2010

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.6

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:vmware:vcenter_update_manager, cpe:/a:mortbay:jetty

Required KB Items: www/jetty

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 7/19/2010

Vulnerability Publication Date: 4/28/2009

Exploitable With

Core Impact

Reference Information

CVE: CVE-2009-1524

BID: 34800

CWE: 79

CERT: 402580

Secunia: 40577

VMSA: 2010-0012