SB2021011102 - Multiple vulnerabilities in Marvell QConvergeConsole GUI

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Path traversal (CVE-ID: CVE-2020-5804)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences within the "deleteEventLogFile" method of the "GWTTestServiceImpl" class. A remote authenticated attacker can send a specially crafted HTTP request and delete arbitrary files on the system.

2) Cleartext storage of sensitive information (CVE-ID: CVE-2020-5805)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the affected software stores the user credentials in plain text within "tomcat-users.xml". A remote attacker can use the plaintext credentials to login to QCC.

3) Path traversal (CVE-ID: CVE-2020-5803)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences within the "deleteAppFile" method of the "GWTTestServiceImpl" class. A remote authenticated attacker can send a specially crafted HTTP request and delete arbitrary files on the system.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

• https://www.tenable.com/security/research/tra-2021-01
• https://www.tenable.com/security/research/tra-2020-56