CVE-2023-32792: Multiple Vulnerabilities in NXLog Manager | INCIBE-CERT

Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to eliminate roles within the platform by sending a specifically crafted query to the server. The vulnerability is based on the absence of proper validation of the origin of incoming requests.


Affected Resources

NXLog Manager, 5.6.5633 version.

Description

INCIBE has coordinated the publication of 3 vulnerabilities in NXLog Manager, an agent management and monitoring console, which were discovered by Juampa Rodríguez.

These vulnerabilities have been assigned the following codes:

  • CVE-2023-32790:
    • CVSS v3.1 base score: 4.6.
    • CVSS vector string: AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L.
    • Vulnerability type: CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’).
  • CVE-2023-32791:
    • CVSS v3.1 base score: 6.5.
    • CVSS vector string: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N.
    • Vulnerability type: CWE-352: Cross-Site Request Forgery (CSRF).
  • CVE-2023-32792:
    • CVSS v3.1 base score: 6.5.
    • CVSS vector string: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N.
    • Vulnerability type: CWE-352: Cross-Site Request Forgery (CSRF).

Solution

No solution has been identified at this time.

Detail

  • CVE-2023-32790: Cross-Site Scripting (XSS) vulnerability in NXLog Manager. This vulnerability allows an attacker to inject a malicious JavaScript payload into the ‘Full Name’ field during a user edit, because the input parameter is not properly sanitized.
  • CVE-2023-32791: Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager. This vulnerability allows an attacker to manipulate and delete user accounts within the platform by sending a specifically crafted request to the server. The vulnerability is based on the lack of proper validation of the origin of incoming requests.
  • CVE-2023-32792: Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager. This vulnerability allows an attacker to delete roles within the platform by sending a specifically crafted request to the server. The vulnerability is based on the absence of proper validation of the origin of incoming requests.
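The three findings above share two root causes: state-changing requests are accepted without any check of where they came from (the CSRF pair), and a user-supplied field is rendered without output encoding (the XSS). The following is an added example, not NXLog's code and not from the advisory, of the server-side checks that close both gaps: Origin validation with a Referer fallback, a per-session synchronizer token compared in constant time, and HTML escaping of the ‘Full Name’ field. The console URL `https://manager.example.internal`, the `csrf_token` field and session key, and the sample requests are all constructed assumptions for the demo.

```python
"""Added example (not NXLog's code): server-side mitigations for the CSRF and
XSS classes described in CVE-2023-32790 / 32791 / 32792.

Assumptions (hypothetical, not taken from the advisory):
  - the console is served from https://manager.example.internal
  - every state-changing action (delete user, delete role, edit user) is a POST
  - a per-session synchronizer token is kept under session["csrf_token"]
"""
import hmac
import html
import secrets
from typing import Dict, Optional, Tuple
from urllib.parse import urlsplit

# Assumed deployment origin; in production this comes from configuration.
ALLOWED_ORIGINS = {"https://manager.example.internal"}


def issue_csrf_token(session: Dict[str, str]) -> str:
    """Create (or reuse) the session's synchronizer token, embedded in forms."""
    if "csrf_token" not in session:
        session["csrf_token"] = secrets.token_urlsafe(32)
    return session["csrf_token"]


def _request_origin(headers: Dict[str, str]) -> Optional[str]:
    """Derive scheme://host[:port] from Origin, falling back to Referer."""
    origin = headers.get("Origin")
    if origin:
        return origin.rstrip("/")
    referer = headers.get("Referer")
    if referer:
        parts = urlsplit(referer)
        if parts.scheme and parts.netloc:
            return f"{parts.scheme}://{parts.netloc}"
    return None


def validate_state_changing_request(headers: Dict[str, str],
                                    form: Dict[str, str],
                                    session: Dict[str, str]) -> Tuple[bool, str]:
    """Return (accepted, reason) for a POST that changes server state."""
    # 1. Origin validation: the check the advisory reports as absent.
    #    A browser-initiated cross-site form post carries the victim's cookie
    #    but an Origin (or Referer) of the attacker's page, so it fails here.
    origin = _request_origin(headers)
    if origin is None:
        return False, "missing Origin/Referer on state-changing request"
    if origin not in ALLOWED_ORIGINS:
        return False, f"cross-site origin rejected: {origin}"
    # 2. Synchronizer token as defence in depth (covers proxies that strip
    #    origin headers). Constant-time compare avoids a timing side channel.
    expected = session.get("csrf_token")
    supplied = form.get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False, "csrf token missing or invalid"
    return True, "ok"


def render_full_name(full_name: str) -> str:
    """Output-encode the 'Full Name' field so stored markup renders as text."""
    return html.escape(full_name, quote=True)


# Constructed sample traffic (not captured from a real NXLog Manager).
SESSION: Dict[str, str] = {}
TOKEN = issue_csrf_token(SESSION)

LEGIT_DELETE_ROLE = {
    "headers": {"Origin": "https://manager.example.internal", "Cookie": "JSESSIONID=sample"},
    "form": {"role": "operators", "csrf_token": TOKEN},
}
FORGED_DELETE_ROLE = {
    # Cross-site form post: the cookie rides along automatically, the Origin
    # is the third-party page, and that page cannot know the session token.
    "headers": {"Origin": "https://third-party.example", "Cookie": "JSESSIONID=sample"},
    "form": {"role": "operators"},
}


def demo() -> Dict[str, object]:
    """Run both sample requests through the checks and encode a sample name."""
    results: Dict[str, object] = {}
    for name, req in (("legit", LEGIT_DELETE_ROLE), ("forged", FORGED_DELETE_ROLE)):
        results[name] = validate_state_changing_request(req["headers"], req["form"], SESSION)
    results["full_name"] = render_full_name("<script>alert(1)</script>")
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Reject, rather than merely log, when both Origin and Referer are absent on a state-changing request; legitimate same-origin form posts from modern browsers always carry Origin, so the missing-header case is the one a forged request is most likely to hide behind.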
