
Security Advisories Relating to Symantec Products - Symantec GeoTrust Security Center Blind XSS

SYM16-014

August 31, 2016


 

REVISIONS

None

 

 

OVERVIEW

Symantec has addressed an issue found in the GeoTrust Security Center Management portal used for issuing digital SSL/TLS certificates. The portal was vulnerable to a blind cross-site scripting (XSS) attack due to a failure to properly sanitize user-supplied input. This could potentially allow an attacker to gain unauthorized access to information and management tools available through the GeoTrust Security Center portal.

 

Highest severity issue: Medium

Number of issues: 1

 


 

 

VULNERABILITIES

This advisory pertains to the following vulnerabilities:

TITLE | CVE | SEVERITY
Symantec GeoTrust Security Center Management Console Blind Cross-Site Scripting Vulnerability | N/A | Medium

 


 

 

AFFECTED PRODUCTS

Symantec has verified the issue and addressed it in product updates identified in the solution portion of the affected products matrix.

 

Enterprise

The following Symantec enterprise products are known to be affected by this issue.

 

PRODUCT | SOLUTION
Symantec GeoTrust Security Center | Product is already updated (hosted solution). No manual update or patching is required.

 


 

 

VULNERABILITY DETAILS

 

Symantec GeoTrust Security Center Management Console Blind Cross-Site Scripting Vulnerability

 

BID: N/A

Severity: Medium (CVSSv3: 6.9) - AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N

Impact: Blind Cross Site Scripting

Exploitation: None

Date patched: August, 2016

 

The Symantec GeoTrust Security Center Management Console is vulnerable to a blind XSS issue. XSS issues may arise when user input and server output are insufficiently validated and sanitized.

 

During the initial registration on Security Center, the malicious user supplies specifically-formatted input to one of the required user-input fields. Following registration, this payload is stored in the backend systems and remains dormant until an internal user accesses a user-action page on the internal Security Center site and, unknown to them, triggers the specifically-formatted script. Unlike in normal blind XSS attacks, an attacker taking advantage of this vulnerability may be able to control, to some extent, the target output location for the payload script. Therefore, an attacker with sufficient knowledge of the site may be able to use this vulnerability to gain access to areas which they are not normally permitted to reach.
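The flow described above, as an added illustration that is not Symantec's code and says nothing about how the real portal is built: a registration field is stored at intake and later rendered on an internal user-action page. The in-memory store, the field name, the allowlist rule and the probe string are all constructed assumptions; the point is that intake validation alone is not enough and the internal page must HTML-encode stored data at the output boundary.

```python
import html
import re

# Constructed in-memory store standing in for the portal backend (assumption).
REGISTRATIONS = {}

# Conservative allowlist for a free-text registration field such as an
# organisation name. The portal's real fields and rules are not on the page.
ORG_NAME_RE = re.compile(r"^[A-Za-z0-9 .,&'\-]{1,100}$")


def validate_org_name(value: str) -> bool:
    """Intake check: reject registration input outside the allowlist."""
    return ORG_NAME_RE.fullmatch(value) is not None


def register(account_id: str, org_name: str) -> bool:
    """Step 1 of the flow: registration stores the field. False if rejected."""
    if not validate_org_name(org_name):
        return False
    REGISTRATIONS[account_id] = org_name
    return True


def render_user_action_page_unsafe(account_id: str) -> str:
    """The failure mode in the advisory: stored text is concatenated into the
    internal page unencoded, so the browser of the internal user interprets it
    as markup when the user-action page is viewed."""
    return f"<tr><td>{account_id}</td><td>{REGISTRATIONS[account_id]}</td></tr>"


def render_user_action_page(account_id: str) -> str:
    """Hardened form: encode for the HTML body context at output time,
    regardless of what intake validation did (defence in depth)."""
    return (f"<tr><td>{html.escape(account_id)}</td>"
            f"<td>{html.escape(REGISTRATIONS[account_id])}</td></tr>")


def demo() -> dict:
    """Run the three checks a reviewer would want to see side by side."""
    probe = "<script>alert(1)</script>"  # constructed stand-in for the payload
    REGISTRATIONS.clear()
    rejected_at_intake = not register("acct-1", probe)
    # Bypass intake (e.g. a legacy import path) to show why encoding at output
    # is still required even when validation exists.
    REGISTRATIONS["acct-1"] = probe
    return {
        "rejected_at_intake": rejected_at_intake,
        "unsafe_contains_markup": "<script>" in render_user_action_page_unsafe("acct-1"),
        "safe_contains_markup": "<script>" in render_user_action_page("acct-1"),
    }
```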

 


 

 

MITIGATION/WORKAROUND

Symantec engineers verified and resolved this issue, performing additional extensive testing of all site content. No customer upgrade is required.

 

Symantec is not aware of exploitation of or adverse impact from this finding.

 


 

 

ACKNOWLEDGEMENTS

  • Matthew Bryant (aka Mandatory)

 


 

REPORTING VULNERABILITIES TO SYMANTEC

Symantec takes the security and proper functionality of our products very seriously. As founding members of the Organization for Internet Safety (OISafety), Symantec supports and follows responsible disclosure guidelines.
Symantec has developed a Software Security Vulnerability Management Process document outlining the process we follow in addressing suspected vulnerabilities in our products.
Symantec Corporation firmly believes in a proactive approach to secure software development and implements security review into various stages of the software development process. Additionally, Symantec is committed to the security of its products and services as well as to its customers’ data. Symantec is committed to continually improving its software security process.
This document provides an overview of the current Secure Development Lifecycle (SDLC) practice applicable to Symantec’s product and service teams as well as other software security related activities and policies used by such teams. This document is intended as a summary and does not represent a comprehensive list of security testing and practices conducted by Symantec in the software development process.
Please contact secure@symantec.com if you believe you have discovered a security issue in a Symantec product. A member of the Symantec Software Security team will contact you regarding your submission to coordinate any required response. Symantec strongly recommends using encrypted email for reporting vulnerability information to secure@symantec.com.
The Symantec Software Security PGP key can be found at the following location:
COPYRIGHT (C) BY SYMANTEC CORP.
Permission to redistribute this alert electronically is granted as long as it is not edited in any way unless authorized by Symantec Software Security. Reprinting the whole or part of this alert in any medium other than electronically requires permission from secure@symantec.com.
Last modified on: August 31, 2016