This document lists the vulnerabilities detected in Browser Security Plus and the fix for each.
Vulnerabilities fixed in build number 10091
- Security issues like filetype mismatch, privilege elevation of users in web console and HTML injection have been fixed.
- SQL injection issue has been fixed.
- Authentication mechanism for servlets has been improved.
Vulnerabilities fixed in build number 10087
- SQL injection issue which allowed malicious code to be placed in SQL statements through web page input.
- Script injection issue where user input to a web script was placed into the output HTML without being checked for HTML code or scripting.
- Privilege elevation issue where a lower privilege user could execute higher privilege tasks on the Browser Security Plus console
- Filetypes mismatch verification.
- Authentication mechanism in servlets.
Vulnerability fixed in build number 10082
- Exposure of sensitive information like customer's domain, port and IP address in the product console has been fixed.
Vulnerabilities fixed in build number 10057:
- Information exposure in application logs.
- Cross-site scripting (XSS) vulnerability during login.
- Local privilege escalation - with the default installation directory, "C:/ManageEngine", any locally authenticated user was able to view/add/delete/modify files under "C:/ManageEngine". Hence, as a security practice, we have switched to "<PROGRAM_FILES>\ManageEngine\BrowserSecurityPlus" as the default installation directory.
- Local privilege escalation for PGSQL - Users with system access could access the database that requires admin privilege.
- Blind SQL injection in tables.
Upgrade to the latest build to get these issues fixed.
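
A read-only check for the installation-directory issue listed under build 10057, added here as an example and not part of the product or the vendor's tooling: it reports allow entries that give broad local groups write-type rights on a folder. The function name `Get-BroadWriteAce` is hypothetical, and mapping `<PROGRAM_FILES>` to `$env:ProgramFiles` is an assumption about the host.

```powershell
# Added example: audit install-directory ACLs without changing them.
# Get-BroadWriteAce is a hypothetical helper name, not a product cmdlet.
function Get-BroadWriteAce {
    param([Parameter(Mandatory)][string[]]$Path)

    # Well-known SIDs that cover ordinary locally authenticated users.
    $broadSids = @{
        'S-1-1-0'      = 'Everyone'
        'S-1-5-11'     = 'Authenticated Users'
        'S-1-5-32-545' = 'BUILTIN\Users'
        'S-1-5-4'      = 'INTERACTIVE'
    }
    # Rights that allow adding, modifying, deleting or re-permissioning files.
    $writeMask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
    # Some ACEs store GENERIC_WRITE (0x40000000) or GENERIC_ALL (0x10000000) unmapped.
    $genericMask = 0x50000000

    foreach ($p in $Path) {
        if (-not (Test-Path -LiteralPath $p)) { continue }   # skip absent folders
        $acl = Get-Acl -LiteralPath $p
        # Explicit and inherited rules, with identities returned as SIDs.
        $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($rule in $rules) {
            $sid = $rule.IdentityReference.Value
            if ($rule.AccessControlType -ne 'Allow') { continue }
            if (-not $broadSids.ContainsKey($sid)) { continue }
            $raw = [int]$rule.FileSystemRights
            if (($raw -band $writeMask) -ne 0 -or ($raw -band $genericMask) -ne 0) {
                [pscustomobject]@{
                    Path      = $p
                    Principal = $broadSids[$sid]
                    Rights    = $rule.FileSystemRights
                    Inherited = $rule.IsInherited
                }
            }
        }
    }
}

# Paths taken from the advisory text; <PROGRAM_FILES> is assumed to be $env:ProgramFiles.
$targets = @(
    'C:\ManageEngine',
    (Join-Path $env:ProgramFiles 'ManageEngine\BrowserSecurityPlus')
)
Get-BroadWriteAce -Path $targets | Format-Table -AutoSize
```

Any row in the output means ordinary local users can alter files in that folder; an empty result for a path that exists means no such entry was found on the folder itself.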