01-12-2024 12:44 AM
Need to check any advisory released by Palo Alto on the above mentioned Vulnerability and make sure that it does not leak any confidential information, or sensitive data will not be disclosed.
Description:
According to their names, some CGI parameters may control sensitive data (e.g., ID, privileges, commands, prices, credit card data, etc.). In the course of using an application, these variables may disclose sensitive data or be prone to tampering that could result in privilege escalation. These parameters should be examined to determine what type of data is controlled and if it poses a security risk.
---------------------------------------------------------------------------------------------------
VA Scan Output:
Name:Web Application Potentially Sensitive CGI Parameter Detection
Port:443
Sypnosis:
An application was found that may use CGI parameters to control sensitive information.
Description:
"According to their names, some CGI parameters may control sensitive
data (e.g., ID, privileges, commands, prices, credit card data, etc.).
In the course of using an application, these variables may disclose
sensitive data or be prone to tampering that could result in privilege
escalation. These parameters should be examined to determine what
type of data is controlled and if it poses a security risk.
** This plugin only reports information that may be useful for auditors
** or pen-testers, not a real flaw."
Solution:
Ensure sensitive data is not disclosed by CGI parameters. In
addition, do not use CGI parameters to control access to resources or
privileges.
Plugin Output:
Potentially sensitive parameters for CGI /php/login.php :
user : Potential horizontal privilege escalation - try another user ID
passwd : Possibly a clear or hashed password, vulnerable to dictionary attack
-----------------------------------------------------------------------------------------------------------------------------------------
No information about this vulnerability on Threat Vault and Security advisories in Palo Alto.
Relevant Information and articles:
1. Tenable: https://www.tenable.com/plugins/nessus/40773.
2. Live Community article: https://live.paloaltonetworks.com/t5/threat-vulnerability-discussions/high-vulnerabilities-pan-os-re...
Please suggest any mitigation steps given by Palo Alto or is there any other recommendations given by PaloAlto on this.
Any PAN-OS versions where this is addressed.
02-18-2024 09:16 PM
Hi Team,
Opened ticket with PA TAC and got the response as below.
Web Application Potentially Sensitive CGI Parameter Detection. This is an information only and not an actual vulnerability. If there's any specific exploit/vulnerability, please share the PoC (Proof-of-Concept) as well as the CVE tracking number.
https://www.tenable.com/plugins/nessus/40773
"This plugin only reports information that may be useful for auditors or pen-testers, not a real flaw. No action required since it is not an actual vulnerability but information only."
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
