Banner Student suffers from cross site scripting, information disclosure, user enumeration, and open redirect vulnerabilities. Versions affected range through 8.5.1.2 to 8.7.
ac1224d3a2c05dfbbfdcac9ff7ec8f63d106fdc3c9fd7d2a3d28f25b3baf9aacPrevious CVEs for Banner Student were filed under vendor SunGard. All vulnerabilities are fixed in patch pcr-000134142_bws8070102, in latest version of the product (8.7.1.2) as of November 26, 2015.
-----
Product: Banner Student
Vendor: Ellucian Company L.P.
Vulnerable Version: 8.5.1.2 - 8.7
Tested Version: 8.7
Vendor Notification: June 18, 2015
Public Disclosure: December 2, 2015
Vulnerability Type: URL Redirection to Untrusted Site ('Open Redirect') [CWE-601]
CVE Reference: CVE-2015-5054
Risk Level: Medium
CVSSv2 Base Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
CVSSv3 Base Score: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
Mitigation: None, Upgrade to 8.7.1.2
Discovered and Provided: RiskSense, Inc.
Advisory Details:
Open Redirect in Ellucian Banner Student: CVE-2015-5054
A user can be redirected to a malicious page when a link is clicked from a crafted URL.
References:
[1] Ellucian Company L.P. - http://www.ellucian.com/
[2] Banner Student - http://www.ellucian.com/Software/Banner-Student/
[3] OWASP A10 - https://www.owasp.org/index.php/Top_10_2013-A10-Unvalidated_Redirects_and_Forwards
[4] CWE-601 - https://cwe.mitre.org/data/definitions/601.html
-----
Product: Banner Student
Vendor: Ellucian Company L.P.
Vulnerable Version: 8.5.1.2
Tested Version: 8.5.1.2
Vendor Notification: June 18, 2015
Public Disclosure: December 2, 2015
Vulnerability Type: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') [CWE-79]
CVE Reference: CVE-2015-4687
Risk Level: Medium
CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSSv3 Base Score: 6.1 (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
Mitigation: None, Upgrade to 8.7.1.2
Discovered and Provided: Ellucian Company L.P.
Advisory Details:
Reflected Cross-Site Scripting (XSS) in Ellucian Banner Student: CVE-2015-4687
Unsanitized data input from application parameters allows an attacker to execute arbitrary JavaScript code using a malicious URL.
References:
[1] Ellucian Company L.P. - http://www.ellucian.com/
[2] Banner Student - http://www.ellucian.com/Software/Banner-Student/
[3] OWASP A3 - https://www.owasp.org/index.php/Top_10_2013-A3-Cross-Site_Scripting_(XSS)
[4] CWE-79 - https://cwe.mitre.org/data/definitions/79.html
-----
Product: Banner Student
Vendor: Ellucian Company L.P.
Vulnerable Version: 8.5.1.2 - 8.7
Tested Version: 8.7
Vendor Notification: June 18, 2015
Public Disclosure: December 2, 2015
Vulnerability Type: Information Exposure Through Discrepancy [CWE-203]
CVE Reference: CVE-2015-4688
Risk Level: Medium
CVSSv2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSSv3 Base Score: 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Mitigation: None, Upgrade to 8.7.1.2
Discovered and Provided: Ellucian Company L.P.
Advisory Details:
User Enumeration in Ellucian Banner Student: CVE-2015-4688
Differences between server responses can be used to brute-force user accounts in the system.
References:
[1] Ellucian Company L.P. - http://www.ellucian.com/
[2] Banner Student - http://www.ellucian.com/Software/Banner-Student/
[3] OWASP A2 - https://www.owasp.org/index.php/Top_10_2013-A2-Broken_Authentication_and_Session_Management
[4] CWE-203 - https://cwe.mitre.org/data/definitions/203.html
-----
Product: Banner Student
Vendor: Ellucian Company L.P.
Vulnerable Version: 8.5.1.2 - 8.7
Tested Version: 8.7
Vendor Notification: June 18, 2015
Public Disclosure: December 2, 2015
Vulnerability Type: Weak Password Recovery Mechanism for Forgotten Password [CWE-640]
CVE Reference: CVE-2015-4689
Risk Level: Medium - High
CVSSv2 Base Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
CVSSv3 Base Score: 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N)
Mitigation: None, Upgrade to 8.7.1.2
Discovered and Provided: Ellucian Company L.P.
Advisory Details:
Weak Password Reset in Ellucian Banner Student: CVE-2015-4689
An attacker is able to change login credentials of users through a weak password reset mechanism.
References:
[1] Ellucian Company L.P. - http://www.ellucian.com/
[2] Banner Student - http://www.ellucian.com/Software/Banner-Student/
[3] OWASP A2 - https://www.owasp.org/index.php/Top_10_2013-A2-Broken_Authentication_and_Session_Management
[4] CWE-640 - https://cwe.mitre.org/data/definitions/640.html
-----
RiskSense, Inc. Security Analysts: Dylan Davis, Sean Dillon, Zachary Harding
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed