Lukasz Plonka

Name of the Vulnerable Software and Affected Versions: Cisco Unified Communications Manager versions prior to the fixed version Cisco Unified Communications Manager Session Management Edition versions prior to the fixed version Description: The issue is related to a lack of input validation in the web-based management interface, which could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This could be achieved by persuading a user to click a crafted link, potentially allowing the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. Recommendations: For Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition, upgrade to a version that includes the fix for this issue as soon as possible to mitigate the threat. As a temporary workaround, consider restricting access to the web-based management interface to minimize the risk of exploitation. Avoid using the interface to click on links from untrusted sources until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ePolicy Orchestrator versions prior to 5.10.0 CP1 Update 2 **Description** An open redirect issue allows a remote low privileged user to modify the URL parameter for the purpose of redirecting URL request(s) to a malicious site, impacting the dashboard area of the user interface. A user would need to be logged into ePO to trigger this issue. To exploit this, the attacker must change the HTTP payload post submission, prior to it reaching the ePO server. **Recommendations** For versions prior to 5.10.0 CP1 Update 2, update to version 5.10.0 CP1 Update 2 or later to resolve the issue. As a temporary workaround, consider restricting access to the dashboard area of the user interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Microsoft SharePoint Server (affected versions not specified) **Description** The issue is related to errors in the representation of information by the user interface. It allows a remote attacker to conduct spoofing attacks, affecting the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NetScout nGeniusONE version 6.3.2 build 904 **Description** The issue is related to improper file permissions, allowing authenticated remote users to gain permissions via a crafted payload. **Recommendations** For NetScout nGeniusONE version 6.3.2 build 904, consider restricting access to sensitive files and directories to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NetScout nGeniusONE version 6.3.2 before P10 **Description** An issue was discovered that allows Reflected Cross-Site Scripting (XSS). **Recommendations** For NetScout nGeniusONE version 6.3.2 before P10, update to a version that includes patch P10 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** NetScout nGeniusONE version 6.3.2 before P10 **Description** The issue allows Reflected Cross-Site Scripting (XSS). **Recommendations** For NetScout nGeniusONE version 6.3.2 before P10, update to a version that includes the P10 patch or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** NetScout nGeniusONE versions 6.3.2 before P10 **Description** An issue was discovered that allows Reflected Cross-Site Scripting (XSS). **Recommendations** For versions 6.3.2 before P10, update to a version that includes the fix for this issue, specifically P10 or later.

**Name of the Vulnerable Software and Affected Versions** NetScout nGeniusONE version 6.3.2 build 904 **Description** An issue was discovered in NetScout nGeniusONE, where Open Redirection can occur. After a successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. **Recommendations** For NetScout nGeniusONE version 6.3.2 build 904, as a temporary workaround, consider restricting access to the vulnerable parameter until a patch is available. Avoid using the vulnerable parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NetScout nGeniusONE version 6.3.2 build 904 **Description** An issue was discovered in NetScout nGeniusONE, where Open Redirection can occur. After a successful login, an attacker must visit the vulnerable parameter and inject a crafted payload to successfully redirect to an unknown host. The attack vector is Network, and the Attack Complexity required is High. Privileges required are administrator, User Interaction is required, and Scope is unchanged. **Recommendations** For NetScout nGeniusONE version 6.3.2 build 904, as a temporary workaround, consider restricting access to the vulnerable parameter until a patch is available. Avoid using the vulnerable parameter after successful login to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NetScout nGeniusONE version 6.3.2 before P10 **Description** The issue allows Reflected Cross-Site Scripting (XSS). **Recommendations** For NetScout nGeniusONE version 6.3.2 before P10, update to a version that includes the fix, specifically P10 or later, to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** NetScout nGeniusONE version 6.3.2 before P10 **Description** An issue was discovered that allows Reflected Cross-Site Scripting (XSS). **Recommendations** For NetScout nGeniusONE version 6.3.2 before P10, update to a version that includes the fix for this issue, specifically P10 or later.

**Name of the Vulnerable Software and Affected Versions** NetScout nGeniusONE version 6.3.2 before P10 **Description** An issue was discovered that allows Reflected Cross-Site Scripting (XSS). **Recommendations** For NetScout nGeniusONE version 6.3.2 before P10, update to a version that includes patch P10 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** IBM Security Identity Manager versions 6.0 through 6.0.2 **Description** The issue allows a remote attacker to conduct phishing attacks using an open redirect attack. By persuading a victim to visit a specially crafted Web site, the attacker could exploit this to spoof the URL displayed, redirecting a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. The vulnerability may also be exploited to conduct cross-site scripting (XSS) attacks using a specially crafted link. **Recommendations** For IBM Security Identity Manager versions 6.0 through 6.0.2, consider implementing measures to protect against open redirect attacks, such as validating user-inputted URLs to prevent redirects to malicious sites. As a temporary workaround, consider restricting access to sensitive information and implementing additional security checks to minimize the risk of phishing attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM WebSphere Application Server versions 8.5 through 9.0 **Description** This issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session. The vulnerability enables the embedding of malicious code, which can compromise the security of the application. **Recommendations** For IBM WebSphere Application Server versions 8.5 through 9.0, consider disabling JavaScript execution in the Web UI as a temporary workaround until a patch is available. Restrict access to sensitive areas of the application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBM WebSphere Application Server versions 7.0 through 9.0 **Description** The issue is caused by improper handling of Administrative Console data, allowing a remote attacker to obtain sensitive information. This information could be used in further attacks against the system. **Recommendations** For versions 7.0 through 9.0, update to a version that properly handles Administrative Console data to prevent sensitive information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NetScout nGeniusONE version 6.3.2 **Description** The issue allows for Arbitrary File Upload by a privileged user. **Recommendations** For NetScout nGeniusONE version 6.3.2, consider restricting file upload capabilities for privileged users until a patch is available.

**Name of the Vulnerable Software and Affected Versions** NetScout nGeniusONE version 6.3.2 **Description** The issue allows an XML External Entity (XXE) attack. This type of attack occurs when an application parses XML input that contains an external entity, allowing an attacker to access local or remote resources. **Recommendations** For NetScout nGeniusONE version 6.3.2, consider disabling XML parsing or restricting the use of external entities to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** NetScout nGeniusONE version 6.3.2 **Description** The issue allows Java RMI code execution. **Recommendations** For NetScout nGeniusONE version 6.3.2, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Micro Focus ArcSight Enterprise Security Manager versions 7.4.x through 7.5.x **Description** The issue concerns potential vulnerabilities that could be remotely exploited, resulting in Cross-Site Scripting (XSS). **Recommendations** For versions 7.4.x through 7.5.x, update to a version that includes the fix for this issue to prevent remote exploitation and potential XSS attacks.

**Name of the Vulnerable Software and Affected Versions** Micro Focus ArcSight Enterprise Security Manager versions 7.4.x through 7.5.x **Description** The issue concerns potential vulnerabilities that could be remotely exploited, resulting in Cross-Site Scripting (XSS). **Recommendations** For versions 7.4.x and 7.5.x, update to a version that includes the fix for this issue to prevent remote exploitation and Cross-Site Scripting (XSS). At the moment, there is no information about a newer version that contains a fix for this vulnerability.