{"vuid":"VU#745607","idnumber":"745607","name":"Accellion FTP server contains information exposure and cross-site scripting vulnerabilities","keywords":["disclosure","xss"],"overview":"The Accellion FTP server prior to version FTA_9_12_220 is vulnerable to cross-site scripting and information exposure.","clean_desc":"CWE-204: Response Discrepancy Information Exposure - CVE-2016-9499 Accellion FTP server only returns the username in the server response if a username is invalid. An attacker may use this information to determine valid user accounts and enumerate them. CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) - CVE-2016-9500 Accellion FTP server uses the Accusoft Prizm Content flash component, which contains multiple parameters (customTabCategoryName, customButton1Image) that are vulnerable to cross-site scripting. For more information, please see Qualys's security advisory.","impact":"A remote attacker may be able to enumerate user accounts on the Accellion FTP server or may conduct reflected cross-site scripting attacks.","resolution":"Apply an update. Both issues have been addressed in the most recent version FTA_9_12_220, released on 31 January 2017. Previously, CVE-2016-9500 was addressed in FTA_9_12_160 released on 29 November 2016.","workarounds":"","sysaffected":"","thanks":"Thanks to Ashish Kamble for reporting this vulnerability.","author":"This document was written by Garret Wassermann.","public":["https://www.qualys.com/2016/12/06/qsa-2016-12-06/qsa-2016-12-06.pdf","http://cwe.mitre.org/data/definitions/80.html","http://cwe.mitre.org/data/definitions/204.html"],"cveids":["CVE-2016-9499","CVE-2016-9500"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2016-12-09T16:31:57Z","publicdate":"2017-01-31T00:00:00Z","datefirstpublished":"2017-02-08T16:27:03Z","dateupdated":"2017-02-08T16:27:04Z","revision":30,"vrda_d1_directreport":"1","vrda_d1_population":"2","vrda_d1_impact":"2","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"M","cvss_authentication":null,"cvss_confidentialityimpact":"P","cvss_integrityimpact":"N","cvss_availabilityimpact":"N","cvss_exploitablity":null,"cvss_remediationlevel":"OF","cvss_reportconfidence":"C","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"M","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"4.3","cvss_basevector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","cvss_temporalscore":"3.4","cvss_environmentalscore":"2.52290112102","cvss_environmentalvector":"CDP:ND/TD:M/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}