SQL Injection Vulnerability Fix



Vulnerability: Blind SQL injection (unauthenticated)

Fix: Upgrade to Social IT vXXXX; OpManager vXXXX; IT360 vXXXX

Constraints: no authentication needed for OpManager and Social IT; authenticated in IT360

a)

POST /servlet/com.manageengine.opmanager.servlet.UpdateProbeUpgradeStatus?upgradeStatus=success&probeName=[SQLi]

POST /servlet/com.manageengine.opmanager.servlet.UpdateProbeUpgradeStatus?upgradeStatus=success&probeName=aaa'%3bcreate+table+bacas+(agga+text)%3b--+

b)

POST /servlet/APMBVHandler?OPERATION_TYPE=Delete&OPM_BVNAME=[SQLi]

POST /servlet/APMBVHandler?OPERATION_TYPE=Delete&OPM_BVNAME=aaa'%3bcreate+table+pulicia+(bolas+text)%3b--+ 


c)

POST /servlet/DataComparisonServlet?operation=compare&numPrimaryKey=1337&query=[SQLi] (runs the query directly against the database)

POST /servlet/DataComparisonServlet?operation=compare&numPrimaryKey=1337&query=create+table+panicia+(bolos+text)


Fix for the above vulnerability (compatible with 11300 and 11400)

1) Download the attached zip file and extract it under /OpManager

2) Stop and start OpManager


Please follow the steps below for 11600

1) Take a backup of web.xml from the \opmanager\web-inf\ folder

2) Replace it with the uploaded web.xml:

https://uploads.zohocorp.com/Internal_Useruploads/dnd/OpManager/o_1ac9n1gh21egi152311fv1465o2g1/web.xml

3) Stop and start the OpManager service.

The change made in the file is (the servlet mapping is commented out):

<!--servlet-mapping> 
<servlet-name>com.adventnet.me.opmanager.servlet.APMIntegBusinessViewHandler</servlet-name> 
<url-pattern>/servlet/APMBVHandler</url-pattern> 
</servlet-mapping-->
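
To confirm that the 11600 change took effect, the check below parses a web.xml and reports whether /servlet/APMBVHandler still has a live servlet-mapping. It is an added example, not part of the original article or the vendor's code; the two sample documents and the PingServlet mapping are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# URL pattern whose mapping the 11600 web.xml on this page comments out.
PATCHED_PATTERN = "/servlet/APMBVHandler"
HANDLER = "com.adventnet.me.opmanager.servlet.APMIntegBusinessViewHandler"

# Constructed samples: "PingServlet" is a hypothetical unrelated mapping.
OTHER = ("<servlet-mapping><servlet-name>PingServlet</servlet-name>"
         "<url-pattern>/servlet/Ping</url-pattern></servlet-mapping>")
BEFORE = ("<web-app>" + OTHER + "<servlet-mapping><servlet-name>" + HANDLER +
          "</servlet-name><url-pattern>" + PATCHED_PATTERN +
          "</url-pattern></servlet-mapping></web-app>")
AFTER = ("<web-app>" + OTHER + "<!--servlet-mapping><servlet-name>" + HANDLER +
         "</servlet-name><url-pattern>" + PATCHED_PATTERN +
         "</url-pattern></servlet-mapping--></web-app>")


def _local(tag):
    """Drop an XML namespace prefix so namespaced web.xml files also match."""
    return tag.rsplit("}", 1)[-1]


def active_mappings(web_xml_text):
    """Return {url-pattern: servlet-name} for mappings that are not commented out."""
    root = ET.fromstring(web_xml_text)  # the default parser drops <!-- --> blocks
    found = {}
    for elem in root.iter():
        if _local(elem.tag) != "servlet-mapping":
            continue
        name = None
        patterns = []
        for child in elem:
            text = (child.text or "").strip()
            if _local(child.tag) == "servlet-name":
                name = text
            elif _local(child.tag) == "url-pattern":
                patterns.append(text)
        for pattern in patterns:
            found[pattern] = name
    return found


def is_patched(web_xml_text, pattern=PATCHED_PATTERN):
    """True when no live servlet-mapping exposes exactly this URL pattern."""
    return pattern not in active_mappings(web_xml_text)


if __name__ == "__main__":
    for label, doc in (("before", BEFORE), ("after", AFTER)):
        print(label, "patched:", is_patched(doc), sorted(active_mappings(doc)))
```

The check matches exact url-pattern values only, so a wildcard mapping that also covers the path would need a separate review.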
