SB2018031208 - Multiple vulnerabilities in SecurEnvoy SecurMail

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018031208

SB2018031208 - Multiple vulnerabilities in SecurEnvoy SecurMail

Published: March 12, 2018 Updated: April 3, 2018

Security Bulletin ID SB2018031208
Severity
Low
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Cross-site scripting (CVE-ID: CVE-2018-7703)

The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The weakness exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


2) Cross-site scripting (CVE-ID: CVE-2018-7707)

The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The weakness exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.



3) Path traversal (CVE-ID: CVE-2018-7705)

The vulnerability allows a remote authenticated attacker to obtain potentially sensisitve information on the target system.

The weakness exists in the filename parameter to secupload2/upload.aspx due to path traversal. A remote attacker can gain access to potentially sensitive information.

4) Path traversal (CVE-ID: CVE-2018-7706)

The vulnerability allows a remote authenticated attacker to obtain potentially sensisitve information on the target system.

The weakness exists in the option2 parameter in an attachment action to secmail/getmessage.exe due to path traversal. A remote attacker can gain access to potentially sensitive information.

5) Improper authorization (CVE-ID: CVE-2018-7704)

The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.

The weakness exists due to only partially implemented authorization checks. A remote attacker can gain access to potentially sensitive information.

6) Spoofing attack (CVE-ID: CVE-2018-7702)

The vulnerability allows a remote attacker to obtain potentially sensitive information and modify arbitrary files on the target system.

The weakness exists due to missing authentication and authorization. A remote attacker can spoof transmission of arbitrary e-mail messages, resend e-mail messages to arbitrary recipients, or modify arbitrary message bodies and attachments by leveraging missing authentication and authorization.

7) Cross-site request forgery (CVE-ID: CVE-2018-7701)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists improper authentication. A remote attacker can hijack the authentication of arbitrary users for requests that delete e-mail messages via a delete action in a request to secmail/getmessage.exe or spoof arbitrary users and reply to their messages via a request to secserver/securectrl.exe and gain access to potentially sensitive information.

Remediation

Install update from vendor's website.

References