30 Apr Security Advisory – SOS-09-003 – Infor SCM SupplyWEB Multiple Vulnerabilities
Release Date: 30-Apr-2009
Last Update: –
Vendor Notification Date: 23-Apr-2009
Product: Infor SCM SupplyWEB
Platform: Windows (verified), possibly others
Affected versions: 10.1.2 (verified), possibly others
Severity Rating: Medium
Impact:
    XSS issue: cookie/credential theft, impersonation, loss of confidentiality
    Authorisation issue: loss of confidentiality
    Local file inclusion issue: loss of confidentiality
Attack Vector:
    XSS issue: remote by authenticated/unauthenticated user (depending on application component)
    Authorisation issue: remote without authentication
    Local file inclusion issue: remote by authenticated user
Solution Status: Currently no solution
CVE reference: CVE-2009-1793, CVE-2009-1795, CVE-2009-1794
Details
Infor SCM SupplyWEB is a web-enabled Supplier Relationship Management solution. During an application penetration test, Sense of Security identified multiple vulnerabilities in this application: Cross-site Scripting (XSS), insufficient access control, and Local File Inclusion.
Please refer to the PDF version of this advisory for proof of concept code examples.
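The proof-of-concept details are in the PDF and not reproduced here. As an added example that is not code from the advisory, from Sense of Security or from Infor, the Python below shows the three server-side checks whose absence corresponds to the three vulnerability classes named above: an authorisation gate that runs before any component returns data, a path check that keeps a requested document inside a fixed root before the file is read, and output encoding before user-controlled data is written into HTML. The document root, the session dictionary layout, the "supplier" role and all function names are assumptions constructed for this example; nothing here reflects SupplyWEB's actual code or layout.

```python
"""Added defensive example; not code from the advisory, Sense of Security or Infor.
It demonstrates the checks whose absence produces the three vulnerability classes
the advisory names. All names, paths and the session layout are constructed
assumptions."""
import html
import posixpath
from typing import Optional, Tuple

# Constructed document root (assumption); SupplyWEB's real layout is not in the advisory.
DOCUMENT_ROOT = "/srv/supplyweb/docs"


def is_authorised(session: Optional[dict], required_role: str) -> bool:
    """Authorisation check: an unauthenticated request must never reach a
    component that returns supplier data, and a logged-in user still needs
    the role the component requires (session layout is an assumption)."""
    if not session or not session.get("authenticated"):
        return False
    return required_role in session.get("roles", ())


def safe_document_path(requested: str, root: str = DOCUMENT_ROOT) -> Optional[str]:
    """Local file inclusion defence: canonicalise lexically and keep the result
    inside root. posixpath is used so behaviour is identical on every OS;
    backslashes are rejected outright because Windows (the verified platform)
    treats them as separators, and NUL bytes because they truncate C strings."""
    if not requested or "\x00" in requested or "\\" in requested:
        return None
    joined = posixpath.normpath(posixpath.join(root, requested))
    # posixpath.join discards root when `requested` is absolute, and normpath
    # collapses "..", so both cases show up here as a path outside root.
    if not joined.startswith(root + "/"):
        return None
    return joined


def render_cell(value: str) -> str:
    """XSS defence: encode user-controlled data for the HTML text/attribute
    context before it is written into the page."""
    return "<td>" + html.escape(value, quote=True) + "</td>"


def handle_document_request(session: Optional[dict], requested: str) -> Tuple[int, str]:
    """Order matters: authorise first, then validate the path, then encode
    whatever is echoed back. Returns (HTTP status, response body)."""
    if not is_authorised(session, "supplier"):
        return 403, render_cell("access denied")
    path = safe_document_path(requested)
    if path is None:
        return 400, render_cell("invalid document reference")
    # A real handler would open `path` here; this example only echoes it.
    return 200, render_cell(path)


if __name__ == "__main__":
    supplier = {"authenticated": True, "roles": ("supplier",)}  # constructed session
    print(handle_document_request(None, "reports/q1.pdf"))          # 403: no session
    print(handle_document_request(supplier, "../../outside.txt"))   # 400: leaves root
    print(handle_document_request(supplier, "reports/<b>q1</b>.pdf"))  # 200: markup encoded
```

The three checks are deliberately independent functions so each can be unit-tested on its own; the handler's ordering (authorise, validate, encode) is the point to verify in a code review, since a path check that runs before the authorisation gate still leaks the existence of documents to unauthenticated callers.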
Solution
The vendor has been advised of the issues, but has not yet issued a fix.
Discovered By
Brett Gervasoni from Sense of Security Labs.