Advisory Details

May 26th, 2015

Hewlett-Packard SiteScope Log Analyzer Privilege Escalation Vulnerability

ZDI-15-239
ZDI-CAN-2567

CVE ID CVE-2015-2120
CVSS SCORE 9, (AV:N/AC:L/Au:S/C:C/I:C/A:C)
AFFECTED VENDORS Hewlett-Packard
AFFECTED PRODUCTS SiteScope
VULNERABILITY DETAILS


This vulnerability allows remote attackers to read arbitrary files on vulnerable installations of Hewlett-Packard SiteScope. Authentication is required to exploit this vulnerability.

The specific flaw exists within the Log Analysis Tool. This tool does not validate or restrict the log path allowing users to read the users.config file. A remote attacker can leverage this vulnerability to escalate privileges from the user to administrator role.

ADDITIONAL DETAILS Hewlett-Packard has issued an update to correct this vulnerability. More details can be found at:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04688784
DISCLOSURE TIMELINE
  • 2015-01-27 - Vulnerability reported to vendor
  • 2015-05-26 - Coordinated public release of advisory
CREDIT 3S Labs
BACK TO ADVISORIES