HTTP: Patrowl PatrowlManager Unrestricted File Upload
This signature detects attempts to exploit a known cross-site scripting vulnerability against Patrowl's PatrowlManager. It is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.
Extended Description
PatrOwl is a free and open-source solution for orchestrating Security Operations. In versions prior to 1.7.7 PatrowlManager unrestrictly handle upload files in the findings import feature. This vulnerability is capable of uploading dangerous type of file to server leading to XSS attacks and potentially other forms of code injection. Users are advised to update to 1.7.7 as soon as possible. There are no known workarounds for this issue.
Affected Products
Patrowl patrowlmanager
Short Name
HTTP:CTS:PATROWL-MNGR-UNRSTD-FU
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2021-43829 File Patrowl PatrowlManager Unrestricted Upload
Release Date
05/11/2022
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3491
False Positive
Unknown
Vendors
Patrowl