HTTP: ZOHO WebNMS Framework CVE-2016-6602 Security Bypass

This signature detects attempts to exploit a known vulnerability against ZOHO WebNMS Framework. A successful attack can lead to sensitive information disclosure.

Extended Description

ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/securitydbData.xml. NOTE: this issue can be combined with CVE-2016-6601 for a remote exploit.

Affected Products

Zohocorp webnms_framework

References

BugTraq: 92402

CVE: CVE-2016-6602

Short Name
HTTP:CTS:ZOHO-CVE-2016-6602-SB
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Bypass CVE-2016-6602 Framework Security WebNMS ZOHO bid:92402
Release Date
04/23/2020
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3337
False Positive
Unknown
Vendors

Zohocorp

CVSS Score

5.0

Found a potential security threat?