CB17-001 Cb Response - Multiple XSS Vulnerabilities - LOW

Details:

Product: Cb Response
Version Reported: 5.1.1
Version Resolved: 5.2.5
Severity Rating: High
Exploitability: Low
Remediation - Cloud: No Action - Cloud Customers Remediated 12/2016
Remediation - On Premise: Cb Response 5.2.5 available

Executive Summary

Two XSS vulnerabilities have been reported in Cb Response version 5.1.1: one reflected XSS and one stored XSS in the user details. Both vulnerabilities have been addressed in Cb Response 5.2.5. See the ‘Remediation’ section of this bulletin for details.

The XSS vulnerabilities are exploitable only under certain conditions, as documented in the ‘Mitigating Factors’ section. There is no indication that these vulnerabilities have been exploited in the wild.

The vulnerabilities were discovered by MWRInfoSecurity. We thank them for their support and partnership.

Type and Rating

Rating Type: Rating
Severity: High
Exploitability: Low

Severity is high because successful exploitation can give an attacker access to the Cb Response server equivalent to that of the compromised user. Exploitability is low because successful exploitation requires user interaction and requires the attacker to have knowledge of the server configuration.

Remediation

If you are a customer of Cb Response Cloud, there is nothing you need to do. Cloud customers were remediated in December 2016.

If you are an on-premise deployment, these vulnerabilities are fully remediated by upgrading to Cb Response 5.2.5. Customers running all prior versions of the software are advised to upgrade.

Mitigating Factors

The reflected XSS is only reachable by a user with global administrator privileges. To exploit either XSS vulnerability, an attacker must:

  • Know the URL of your Cb Response server
  • Know the identity of a Cb Response user
  • Trick the Cb Response user into clicking a malicious link while that user is authenticated to the Cb Response server.

Workarounds

There are no immediate workarounds for these vulnerabilities. Customers should upgrade Cb Response servers to 5.2.5.
