Operating System:

[LINUX][Appliance][Virtual]

Published:

06 April 2016

Protect yourself against future threats.

//Service

Security Bulletins

Receive up to date and consistent security bulletins across a wide range of vendors, streamlining security patching.

Read more
Resources > Security Bulletins > ASB-2016.0035 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2016.0035
         Multiple vulnerabilities have been identified in Tenable
                           SecurityCenter 5.2.0
                               6 April 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Tenable SecurityCenter
Operating System:     Linux variants
                      VMware ESX Server
                      Network Appliance
Impact/Access:        Cross-site Scripting     -- Remote with User Interaction
                      Access Confidential Data -- Existing Account            
Resolution:           Patch/Upgrade
CVE Names:            CVE-2016-82011 CVE-2016-82010 CVE-2016-82009
                      CVE-2016-82008  
Member content until: Thursday, May  5 2016

OVERVIEW

        Multiple vulnerabilities have been identified in Tenable SecurityCenter
        5.2.0.[1]


IMPACT

        The vendor has provided the following information:
        
        "SecurityCenter 5.2.0 was found vulnerable to three cross-site 
        scripting issues. If exploited, a victim could be tricked into 
        executing attacker-controlled JavaScript that runs in the their own
        context, potentially leading to authentication credential disclosure
        or other attacks. A fourth issue, an authenticated path disclosure 
        weakness, has also been addressed.
        
        CVE-2016-82008 - Reflected XSS. An unauthenticated attacker could 
        craft a URL that can be used against an authenticated SecurityCenter
        user. (NN Group N.V.)
        
        CVE-2016-82009 - Stored XSS. An authenticated attacker with user 
        privileges could embed malicious JavaScript that would be stored by
        SecurityCenter, and subsequently rendered by other users loading a 
        specific page. (NN Group N.V.)
        
        CVE-2016-82010 - Reflected XSS. An unauthenticated attacker could 
        craft a URL that can be used against an authenticated SecurityCenter
        user. (NN Group N.V.)
        
        CVE-2016-82011 - System path disclosure weakness (post-auth). (NN 
        Group N.V.)
        
        In addition to these fixes, SecurityCenter now implements a variety
        of HTTP headers and Cookie flags to further enhance security. Thanks
        to both CESG and NN Group N.V. for pointing out methods for 
        accomplishing this. Note that the CVSSv2 score associated with this
        advisory reflects the most severe issue by the scoring standards, 
        which is the reflected XSS." [1]


MITIGATION

        Users should upgrade to version 5.3.1. to rectify these issues. [1]


REFERENCES

        [1] [R1] SecurityCenter 5.2.0 Multiple Vulnerabilities
            http://www.tenable.com/security/tns-2016-07

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVwSB5X6ZAP0PgtI9AQIq2g/9HVwCbay8nTApjYtiSG3SUPWx+B4pYpvb
3pxi5VAQSiBJba5ge2q/A1teq1VtWk6L/xmBt53bhseTvcpHfMuS7TIxVGj2tXLV
QJNmHhYjfKf/AJqIY7Nv8Nh9MM4vcJ/aaAxs8++CF0D+Cb2sovr+k7jmq/ZCczuW
uDaDW8BTJQsaPTZ5/cn6QotFDkyctjSsSPvF9ypU04VJmFMGpqI4MauInENgKKHF
r0Z95L6EFdDZrlSimCK8e1Z4CIhqlbbZ48RdNSqmOZxKJccYwAypam3ORKarKz2s
P9KHru0/eqPhS8liW1cGSRH7mL1lpDmv1nWN+r+h13cfCqVdo9LQvNs7wRARwFBl
sMM+kZo6iPfnyd8pocX402Nq0L0MG/LEShTaxQVvmJswgvs5XifvMvy+x+MpXm+c
KdS/SlgH8Dvqme9XWG3zUTHPd7Hkuz0qsZ5cF2eX6WDgTE1Tkhq26BMO7LQUT1Uq
kATPuW92khEZbXd7KCRjRpcXaqTMhMhKlET4qOUS/q2xv1OT0wA4EIzaOfmnw+KW
4ECWh0rJOPXrWNQGBkwzGnXGNKLtRF6Re3IMXK0aJa9DHjKcW49qWpi0JjAqlZGI
O47zokP+7u8YsLGIcMFXaLJtoHwrj9IZrgIpAxhzRAmPRVArKIm058YaHBGFISGJ
Gc/7AtIREMI=
=oDVr
-----END PGP SIGNATURE-----