CVE-2024-28803

CVE-2024-28803 – Italtel i-MCS NFV

Vulnerability Description: Improper Neutralization of Input During Web Page Generation ('Reflected Cross-site Scripting') - CWE-79

Software Version: 12.1.0-20211215

NIST: https://nvd.nist.gov/vuln/detail/CVE-2024-28803

CVSS:

Severity:

Credits: Luca Carbone, Fabio Romano, Stefano Scipioni, Massimiliano Brolli

A reflected cross-site scripting (XSS) vulnerability allows authenticated remote attackers to inject arbitrary web script or HTML through HTTP POST parameters whose values the application reflects/stores without sanitization.

Step-by-step instructions and PoC

The web application does not properly check the parameters sent as input by clients before they are re-included in the HTTP pages returned by the application. In particular, the web GUI is affected by the reflected type of this vulnerability. Because user input is not validated, an attacker can modify the HTML code and alter the expected execution flow. The attack can be performed post authentication.

Affected Endpoints

1. URL: https://[HOST]/[NODE-NAME]/IMCSCI-WebGui/actloglineview.jsp
   - HTTP POST parameters: name, actLine
2. URL: https://[HOST]/[NODE-NAME]/CI-NorthBound-common/rest/fault/activeAlarms
   - HTTP POST JSON parameter: numQueryResults

The evidence below shows the vulnerability details and the payloads used to exploit it on URL #1.

Figure 1: payload 

Figure 2: Reflected XSS

The evidence below shows the vulnerability details and the payloads used to exploit it on URL #2.

Figure 3: payload

Figure 4: Reflected XSS POC

Figure 5: Reflected XSS outcome

Security Impact

Successful exploitation of this vulnerability can result in unauthorized access to critical data or complete account takeover.