https://live.paloaltonetworks.com/t5/advanced-threat-prevention/web-application-potentially-sensitive-cgi-parameter-detection/m-p/572844#M2078 <P>Need to check any advisory released by Palo Alto on the above mentioned Vulnerability and make sure that it does not leak any confidential information, or sensitive data will not be disclosed.</P> <P>&nbsp;</P> <P>Description:</P> <P><SPAN>According to their names, some CGI parameters may control sensitive data (e.g., ID, privileges, commands, prices, credit card data, etc.). In the course of using an application, these variables may disclose sensitive data or be prone to tampering that could result in privilege escalation. These parameters should be examined to determine what type of data is controlled and if it poses a security risk.</SPAN><BR />---------------------------------------------------------------------------------------------------</P> <P>VA Scan Output:</P> <P>Name:Web Application Potentially Sensitive CGI Parameter Detection</P> <P>Port:443</P> <P>Sypnosis:</P> <P>An application was found that may use CGI parameters to control sensitive information.</P> <P>Description:</P> <P>"According to their names, some CGI parameters may control sensitive</P> <P>data (e.g., ID, privileges, commands, prices, credit card data, etc.).</P> <P>In the course of using an application, these variables may disclose</P> <P>sensitive data or be prone to tampering that could result in privilege</P> <P>escalation.&nbsp; These parameters should be examined to determine what</P> <P>&nbsp;</P> <P>type of data is controlled and if it poses a security risk.</P> <P>** This plugin only reports information that may be useful for auditors</P> <P>** or pen-testers, not a real flaw."</P> <P>Solution:</P> <P>Ensure sensitive data is not disclosed by CGI parameters.&nbsp; In</P> <P>addition, do not use CGI parameters to control access to resources or</P> <P>privileges.</P> <P>Plugin Output:</P> <P>Potentially sensitive parameters for CGI /php/login.php :</P> <P>user : Potential horizontal privilege escalation - try another user ID</P> <P>passwd : Possibly a clear or hashed password, vulnerable to dictionary attack</P> <P>-----------------------------------------------------------------------------------------------------------------------------------------</P> <P>No information about this vulnerability on Threat Vault and Security advisories in Palo Alto.<BR /><BR />Relevant Information and articles:</P> <P>&nbsp;</P> <P>1. Tenable:&nbsp;<A href="https://www.tenable.com/plugins/nessus/40773" target="_blank">https://www.tenable.com/plugins/nessus/40773</A>.<BR />2. Live Community article:&nbsp;<A href="https://live.paloaltonetworks.com/t5/threat-vulnerability-discussions/high-vulnerabilities-pan-os-reported-by-vulnerability-management/td-p/513065" target="_blank">https://live.paloaltonetworks.com/t5/threat-vulnerability-discussions/high-vulnerabilities-pan-os-reported-by-vulnerability-management/td-p/513065</A><BR /><BR /></P> <P>Please suggest any mitigation steps given by Palo Alto or is there any other recommendations given by PaloAlto on this.</P> <P>Any PAN-OS versions where this is addressed.</P> <P>&nbsp;</P> Fri, 12 Jan 2024 08:44:46 GMT Purushotham 2024-01-12T08:44:46Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/web-application-potentially-sensitive-cgi-parameter-detection/m-p/572844#M2078 <P>Need to check any advisory released by Palo Alto on the above mentioned Vulnerability and make sure that it does not leak any confidential information, or sensitive data will not be disclosed.</P> <P>&nbsp;</P> <P>Description:</P> <P><SPAN>According to their names, some CGI parameters may control sensitive data (e.g., ID, privileges, commands, prices, credit card data, etc.). In the course of using an application, these variables may disclose sensitive data or be prone to tampering that could result in privilege escalation. These parameters should be examined to determine what type of data is controlled and if it poses a security risk.</SPAN><BR />---------------------------------------------------------------------------------------------------</P> <P>VA Scan Output:</P> <P>Name:Web Application Potentially Sensitive CGI Parameter Detection</P> <P>Port:443</P> <P>Sypnosis:</P> <P>An application was found that may use CGI parameters to control sensitive information.</P> <P>Description:</P> <P>"According to their names, some CGI parameters may control sensitive</P> <P>data (e.g., ID, privileges, commands, prices, credit card data, etc.).</P> <P>In the course of using an application, these variables may disclose</P> <P>sensitive data or be prone to tampering that could result in privilege</P> <P>escalation.&nbsp; These parameters should be examined to determine what</P> <P>&nbsp;</P> <P>type of data is controlled and if it poses a security risk.</P> <P>** This plugin only reports information that may be useful for auditors</P> <P>** or pen-testers, not a real flaw."</P> <P>Solution:</P> <P>Ensure sensitive data is not disclosed by CGI parameters.&nbsp; In</P> <P>addition, do not use CGI parameters to control access to resources or</P> <P>privileges.</P> <P>Plugin Output:</P> <P>Potentially sensitive parameters for CGI /php/login.php :</P> <P>user : Potential horizontal privilege escalation - try another user ID</P> <P>passwd : Possibly a clear or hashed password, vulnerable to dictionary attack</P> <P>-----------------------------------------------------------------------------------------------------------------------------------------</P> <P>No information about this vulnerability on Threat Vault and Security advisories in Palo Alto.<BR /><BR />Relevant Information and articles:</P> <P>&nbsp;</P> <P>1. Tenable:&nbsp;<A href="https://www.tenable.com/plugins/nessus/40773" target="_blank">https://www.tenable.com/plugins/nessus/40773</A>.<BR />2. Live Community article:&nbsp;<A href="https://live.paloaltonetworks.com/t5/threat-vulnerability-discussions/high-vulnerabilities-pan-os-reported-by-vulnerability-management/td-p/513065" target="_blank">https://live.paloaltonetworks.com/t5/threat-vulnerability-discussions/high-vulnerabilities-pan-os-reported-by-vulnerability-management/td-p/513065</A><BR /><BR /></P> <P>Please suggest any mitigation steps given by Palo Alto or is there any other recommendations given by PaloAlto on this.</P> <P>Any PAN-OS versions where this is addressed.</P> <P>&nbsp;</P> Fri, 12 Jan 2024 08:44:46 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/web-application-potentially-sensitive-cgi-parameter-detection/m-p/572844#M2078 Purushotham 2024-01-12T08:44:46Z https://live.paloaltonetworks.com/t5/advanced-threat-prevention/web-application-potentially-sensitive-cgi-parameter-detection/m-p/577616#M2094 <P>Hi Team,</P> <P>&nbsp;</P> <P>Opened ticket with PA TAC and got the response as below.</P> <P>&nbsp;</P> <P><SPAN>Web Application Potentially Sensitive CGI Parameter Detection. This is an information only and not an actual vulnerability. If there's any specific exploit/vulnerability, please share the PoC (Proof-of-Concept) as well as the CVE tracking number.</SPAN><BR /><BR /><A href="https://www.tenable.com/plugins/nessus/40773" target="_blank" rel="noopener">https://www.tenable.com/plugins/nessus/40773</A><BR /><BR /><SPAN>"This plugin only reports information that may be useful for auditors or pen-testers, not a real flaw. No action required since it is not an actual vulnerability but information only."</SPAN></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> Mon, 19 Feb 2024 05:16:28 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/web-application-potentially-sensitive-cgi-parameter-detection/m-p/577616#M2094 Purushotham 2024-02-19T05:16:28Z