
Warning: High-severity XSS vulnerability in Axigen mail server software

Reference:
Advisory #2023-141
Version:
1.0
Affected software:
Axigen 10.3.3.0 up to and including Axigen 10.3.3.60
Axigen 10.4.0 up to and including Axigen 10.4.23
Axigen 10.5.0 up to and including Axigen 10.5.9
Type:
Cross-Site Scripting (XSS)
CVE/CVSS:
CVE-2023-49101 / 7.8 High

Sources

Axigen - https://www.axigen.com/knowledgebase/Axigen-WebAdmin-XSS-Vulnerability-CVE-2023-49101-_400.html

Risks

The Cross-Site Scripting vulnerability in Axigen's mail server software allows an attacker to gain access to the administrative interface.

Description

CVE-2023-49101 - Cross-Site Scripting (XSS) vulnerability

The vulnerability allows an attacker to run arbitrary JavaScript code and carry out a cross-site scripting attack against a vulnerable system.

Exploitation of this flaw requires attackers to send a phishing email (or another type of message) containing a crafted link to an administrator. Once the administrator opens the link while an admin session is active, the attackers can run arbitrary JavaScript code that retrieves the administrator's session cookie. Attackers can then use this cookie to impersonate the administrator in the Axigen mail server software and gain access to its administrative interface.

Recommended actions

The Centre for Cyber Security Belgium strongly recommends that system administrators visit the Axigen updates page appropriate for their version to download and install the patched version of this software.
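To decide which installations need the update, the three affected ranges listed above can be checked against an inventory of Axigen version strings. This is an added example written for this advisory, not code from Axigen or the CCB; the hostnames and version numbers in the sample inventory are constructed.

```python
"""Check Axigen version strings against the affected ranges of Advisory #2023-141.

Added example, not Axigen or CCB code. SAMPLE_INVENTORY is constructed.
"""

# Inclusive (first, last) ranges exactly as listed under "Affected software".
AFFECTED_RANGES = [
    ("10.3.3.0", "10.3.3.60"),
    ("10.4.0", "10.4.23"),
    ("10.5.0", "10.5.9"),
]

# Constructed sample inventory: hostname -> reported Axigen version.
SAMPLE_INVENTORY = {
    "mx1.example.internal": "10.3.3.58",
    "mx2.example.internal": "10.4.24",
    "mx3.example.internal": "10.5.2",
    "mx4.example.internal": "10.3.2.1",
}


def parse_version(version: str) -> tuple:
    """Turn '10.4.23' into (10, 4, 23) so versions compare numerically, not as text."""
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {version!r}")
    return tuple(int(p) for p in parts)


def _pad(v: tuple, n: int) -> tuple:
    """Right-pad a version tuple with zeros to n components (10.3.3 -> 10.3.3.0)."""
    return v + (0,) * (n - len(v))


def is_affected(version: str) -> bool:
    """True if the version falls inside one of the advisory's inclusive ranges."""
    v = parse_version(version)
    for first, last in AFFECTED_RANGES:
        lo, hi = parse_version(first), parse_version(last)
        # Lower bound: a version with fewer components than the range is padded
        # with zeros, so a bare "10.3.3" is treated conservatively as 10.3.3.0.
        # Upper bound: only the components the range names are compared, so a
        # build such as 10.4.23.x still counts as "up to and including 10.4.23".
        if _pad(v, len(lo)) >= lo and v[: len(hi)] <= hi:
            return True
    return False


def triage_inventory(inventory: dict) -> list:
    """Return the sorted hostnames whose Axigen version is affected."""
    return sorted(host for host, ver in inventory.items() if is_affected(ver))
```

Anything `triage_inventory` returns should be scheduled for the patched version from the Axigen updates page; versions above the listed upper bounds are reported as not affected by this advisory only, not as generally safe.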

Axigen's updates pages: