Minor Microsoft System Center Operations Manager XSS Vulnerabilities

Besides all the Windows and Windows component-related bulletins from today, Microsoft also released a relatively minor bulletin about two cross-site scripting (XSS) vulnerabilities that affect Microsoft System Center Operations Manager (SCOM) 2007.

For those unaware of this specialized product, SCOM is a centralized, cross-platform management system for operating systems and hypervisors, targeted at data centers. It basically helps network operators monitor the health of all their systems, and offers these management capabilities via a web interface.

According to today’s security bulletin, SCOM’s web console suffers from two XSS vulnerabilities. If an attacker knows you use Microsoft SCOM, and can entice you to click on a specially crafted URL, she could exploit this flaw to execute script in your browser with your privileges. Among other things, this could allow the attacker to do anything on your SCOM server that you could do.

I don’t suspect the majority of WatchGuard’s customers use SCOM, and even if you do, it’s relatively difficult for an attacker to know whether you use it or not. So I doubt many attackers will leverage this vulnerability in the wild. That said, if you do use SCOM, you should apply Microsoft’s update. Furthermore, if you use one of our XTM appliances with the IPS service, we have a signature (EXPLOIT Microsoft SCOM Web Console XSS Vulnerability) that detects this XSS attack. — Corey Nachreiner, CISSP (@SecAdept)
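As an added illustration that is not part of the original alert and does not use SCOM’s own code: the reflected-XSS pattern described above, shown as a handler that reflects a URL parameter untouched beside one that HTML-encodes it, plus a coarse request-side check of the kind an IPS signature performs. The hostname, path and parameter names are made up.

```python
from html import escape
from urllib.parse import urlsplit, parse_qs

# Constructed sample: a URL carrying script in a query parameter, the shape of a
# reflected-XSS lure. Hostname and path are placeholders, not a real SCOM endpoint.
CRAFTED_URL = ("https://scom.example.invalid/console/search"
               "?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E")
BENIGN_URL = "https://scom.example.invalid/console/search?q=disk+free+space"


def query_param(url, name):
    """Return the percent-decoded value of one query parameter ('' if absent)."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def render_vulnerable(url):
    """Reflect the parameter into HTML untouched: the browser parses any tags
    in it as markup and runs any script with the logged-in user's session."""
    return f"<p>Results for: {query_param(url, 'q')}</p>"


def render_hardened(url):
    """HTML-encode the parameter first, so '<' becomes '&lt;' and the browser
    shows the text literally instead of executing it."""
    return f"<p>Results for: {escape(query_param(url, 'q'), quote=True)}</p>"


def flag_script_in_query(url):
    """Coarse request-side check in the spirit of an IPS signature: flag any
    query value that decodes to a script tag or a javascript: URL. Illustrative
    only; real signatures cover many more encodings and are tuned for noise."""
    values = parse_qs(urlsplit(url).query).values()
    decoded = " ".join(v for vals in values for v in vals).lower()
    return "<script" in decoded or "javascript:" in decoded


if __name__ == "__main__":
    print(render_vulnerable(CRAFTED_URL))   # tags survive: exploitable
    print(render_hardened(CRAFTED_URL))     # tags encoded: inert text
    print(flag_script_in_query(CRAFTED_URL), flag_script_in_query(BENIGN_URL))
```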

About Corey Nachreiner

Corey Nachreiner has been with WatchGuard since 1999 and has since written more than a thousand concise security alerts and easily-understood educational articles for WatchGuard users. His security training videos have generated hundreds of letters of praise from thankful customers and accumulated more than 100,000 views on YouTube and Google Video. A Certified Information Systems Security Professional (CISSP), Corey speaks internationally and is often quoted by other online sources, including C|NET, eWeek, and Slashdot. Corey enjoys "modding" any technical gizmo he can get his hands on, and considers himself a hacker in the old sense of the word.

Trackbacks/Pingbacks

  1. WatchGuard Security Week in Review: Episode 46 – Piles of Patches | WatchGuard Security Center - January 11, 2013

    [...] Minor Systems Center Operations Manager alert - WGSC [...]
