Saltar a la navegación Saltar al contenido principal Ir al pie de página

Symantec Backup Exec 2012 – Persistent XSS Vulnerability Affecting Custom Reports

Summary

Name: Symantec Backup Exec 2012 – Persistent XSS Vulnerability Affecting Custom Reports
Release Date: 2 October 2013
Reference: NGS00341
Discoverer: Daniele Costa 
Vendor: Symantec
CVE Reference: CVE-2013-4676
Systems Affected: Symantec Backup Exec 2012
Risk: High
Status: Published

TimeLine

Discovered: 10 July 2012
Released: 10 July 2012
Approved: 10 July 2012
Reported: 10 July 2012
Fixed: 1 August 2013
Published: 30 September 2013

Description

Symantec Backup Exec 2012 – Persistent XSS Vulnerability Affecting Custom Reports.

I. VULNERABILITY

Symantec Backup Exec 2012 is vulnerable to stored XSS issues affecting the
custom reports. This is exploitable as an authenticated user and can be demonstrated using an XSS payload within the report footer.

II. BACKGROUND

Symantec Backup Exec 2012 is a backup solution.

III. DESCRIPTION

A stored XSS vulnerbility has been found and confirmed within the software as an authenticated user. This is the latest version of Backup Exec.

Technical Details

IV. PROOF OF CONCEPT

  • Create a custom report
  • select some fields for the report and click ok to save it

  • In Reports > Footer, add the following text:

BAD #x22; #x3e; #x3c; #x73; #x63; #x72; #x69; #x70; #x74; #x3e; #
x61; #x6c; #x65; #x72; #x74; #x28; #x22; #x58; #x53; #x53; #x22;
#x29; #x3b; #x3c; #x2f; #x73; #x63; #x72; #x69; #x70; #x74; #x3e;FOOTER