Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Web Application Potentially Sensitive CGI Parameter Detection

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Web Application Potentially Sensitive CGI Parameter Detection

L2 Linker

Need to check any advisory released by Palo Alto on the above mentioned Vulnerability and make sure that it does not leak any confidential information, or sensitive data will not be disclosed.

 

Description:

According to their names, some CGI parameters may control sensitive data (e.g., ID, privileges, commands, prices, credit card data, etc.). In the course of using an application, these variables may disclose sensitive data or be prone to tampering that could result in privilege escalation. These parameters should be examined to determine what type of data is controlled and if it poses a security risk.
---------------------------------------------------------------------------------------------------

VA Scan Output:

Name:Web Application Potentially Sensitive CGI Parameter Detection

Port:443

Sypnosis:

An application was found that may use CGI parameters to control sensitive information.

Description:

"According to their names, some CGI parameters may control sensitive

data (e.g., ID, privileges, commands, prices, credit card data, etc.).

In the course of using an application, these variables may disclose

sensitive data or be prone to tampering that could result in privilege

escalation.  These parameters should be examined to determine what

 

type of data is controlled and if it poses a security risk.

** This plugin only reports information that may be useful for auditors

** or pen-testers, not a real flaw."

Solution:

Ensure sensitive data is not disclosed by CGI parameters.  In

addition, do not use CGI parameters to control access to resources or

privileges.

Plugin Output:

Potentially sensitive parameters for CGI /php/login.php :

user : Potential horizontal privilege escalation - try another user ID

passwd : Possibly a clear or hashed password, vulnerable to dictionary attack

-----------------------------------------------------------------------------------------------------------------------------------------

No information about this vulnerability on Threat Vault and Security advisories in Palo Alto.

Relevant Information and articles:

 

1. Tenable: https://www.tenable.com/plugins/nessus/40773.
2. Live Community article: https://live.paloaltonetworks.com/t5/threat-vulnerability-discussions/high-vulnerabilities-pan-os-re...

Please suggest any mitigation steps given by Palo Alto or is there any other recommendations given by PaloAlto on this.

Any PAN-OS versions where this is addressed.

 

1 REPLY 1

L2 Linker

Hi Team,

 

Opened ticket with PA TAC and got the response as below.

 

Web Application Potentially Sensitive CGI Parameter Detection. This is an information only and not an actual vulnerability. If there's any specific exploit/vulnerability, please share the PoC (Proof-of-Concept) as well as the CVE tracking number.

https://www.tenable.com/plugins/nessus/40773

"This plugin only reports information that may be useful for auditors or pen-testers, not a real flaw. No action required since it is not an actual vulnerability but information only."

 

 

 

  • 2214 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!