Summary
This host is installed with ZOHO ManageEngine ServiceDesk Plus (SDP) and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote authenticated attackers to gain access to ticket information and to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
Impact Level: Application
Solution
Upgrade to version 9.0 build 9031 or later.
For updates refer to http://www.manageengine.com/products/service-desk
Insight
The flaws exist because the CreateReportTable.jsp script does not properly sanitize user-supplied input to the 'site' parameter, and because access is not properly restricted to (1) the getTicketData action of servlet/AJaxServlet, or to direct requests to (2) swf/flashreport.swf, (3) reports/flash/details.jsp, or (4) reports/CreateReportTable.jsp.
Affected
ZOHO ManageEngine ServiceDesk Plus (SDP) versions before 9.0 build 9031
Detection
Get the installed version with the help of the detect NVT and check whether the version is vulnerable (any build before 9.0 build 9031).
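As an added, defensive example that is not part of this advisory or of the NVT itself: a Python script that implements the version check described under Detection (a build number below 9031 is vulnerable) and a simple access-log check for requests to the endpoints named under Insight. The combined-log-format layout, the URL prefixes and the sample log lines are assumptions constructed for the example.

```python
import re

# Fixed release from the advisory: 9.0 build 9031.
FIXED_BUILD = 9031
# Endpoints the advisory lists as reachable without proper access control.
SENSITIVE_PATHS = (
    "swf/flashreport.swf",
    "reports/flash/details.jsp",
    "reports/CreateReportTable.jsp",
)

def is_vulnerable_build(build):
    """True when the installed SDP build number is below the fixed build 9031."""
    return int(build) < FIXED_BUILD

def parse_build(banner):
    """Extract the build number from a detected version string such as '9.0 build 9022'."""
    m = re.search(r"build\s*(\d+)", banner, re.IGNORECASE)
    return int(m.group(1)) if m else None

# Assumed combined-log-format request field: "METHOD /target HTTP/x.y"
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def flag_request(line):
    """Return a reason string if the log line touches one of the advisory's endpoints, else None."""
    m = LOG_RE.search(line)
    if not m:
        return None
    path, _, query = m.group("target").partition("?")
    if "AJaxServlet" in path and "action=getTicketData" in query:
        return "getTicketData via AJaxServlet"
    if path.endswith("CreateReportTable.jsp") and "site=" in query:
        return "site parameter passed to CreateReportTable.jsp"
    for p in SENSITIVE_PATHS:
        if path.endswith(p):
            return "direct request to " + p
    return None

def scan(lines):
    """Return (line number, reason) for every flagged line."""
    return [(n, r) for n, line in enumerate(lines, 1) if (r := flag_request(line))]

# Constructed sample log lines (not real traffic) to exercise the checks.
SAMPLE_LOG = [
    '10.0.0.5 - alice [25/Mar/2015:10:00:01 +0000] "GET /HomePage.do HTTP/1.1" 200 512',
    '10.0.0.5 - alice [25/Mar/2015:10:00:02 +0000] "GET /swf/flashreport.swf HTTP/1.1" 200 9000',
    '10.0.0.7 - bob [25/Mar/2015:10:00:03 +0000] "GET /servlet/AJaxServlet?action=getTicketData&ticketid=42 HTTP/1.1" 200 300',
    '10.0.0.7 - bob [25/Mar/2015:10:00:04 +0000] "GET /reports/CreateReportTable.jsp?site=1 HTTP/1.1" 200 300',
]
```

Hits from `scan()` identify authenticated users reaching the listed endpoints and are worth correlating with the installed build before and after the upgrade.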
References
- http://osvdb.org/117499
- http://osvdb.org/117500
- http://packetstormsecurity.com/files/130079
- http://www.exploit-db.com/exploits/35890
- http://www.manageengine.com/products/service-desk/readme-9.0.html
- http://www.rewterz.com/vulnerabilities/manageengine-servicedesk-sql-injection-vulnerability
Updated on 2015-03-25
Severity
Classification
- CVE: CVE-2015-1479, CVE-2015-1480
- CVSS Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)