CSR Update fixes CVE-2021-23884
Affected Versions
CVE-2021-23884 affects Content Security Reporter (CSR) versions prior to 2.8.0.
Description
This vulnerability is exposed only through on-premises ePO™ servers. To exploit it, an attacker would need to be on the same network as the ePO™ server and to know an ePO™ administrator's credentials. The exposed values are the credentials that Content Security Reporter uses to retrieve log files from Web Gateway and from Web Gateway Cloud Server; these are configured in different parts of the ePO™ extension, and the best practice is to use a different password for each service, so that exposure of one does not compromise the other. Note that the weakness is the cleartext exposure of the password through the ePO™ extension, not its storage: the passwords are stored encrypted in the CSR database both before and after this fix.
CVE-2021-23884
Cleartext Transmission of Sensitive Information vulnerability in the ePO™ Extension of Content Security Reporter prior to 2.8.0 allows an ePO™ administrator to view the unencrypted password of the Web Gateway or the password of the Web Gateway Cloud Server read-only user used to retrieve log files for analysis in Content Security Reporter.
https://nvd.nist.gov/vuln/detail/CVE-2021-23884
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23884
Remediation
To remediate this issue, upgrade to Content Security Reporter 2.8.0 at minimum, or to the latest release, Content Security Reporter 2.9.1. Because affected versions could expose the Web Gateway and Web Gateway Cloud Server log-retrieval passwords to any ePO™ administrator, consider changing those passwords after upgrading, and make sure each service uses its own password.
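As an added example (not part of this advisory or of the product), the following script decides whether an installed Content Security Reporter version falls below the 2.8.0 fix threshold stated above. Version strings are compared as integer tuples rather than as strings, because a plain string comparison ranks "2.10.0" below "2.8.0" and would wrongly flag a patched install as vulnerable. The sample version strings are constructed for illustration; the script does not query ePO™ itself.

```python
# Added example, not code from the advisory or the product.
# Checks an installed CSR version against the CVE-2021-23884 fix threshold.
import re

FIXED_VERSION = "2.8.0"   # from the advisory: versions prior to this are affected
LATEST_VERSION = "2.9.1"  # latest release named in the advisory


def parse_version(version: str) -> tuple:
    """Parse 'major.minor.patch[.build]' into a tuple of ints for comparison.

    Trailing non-numeric qualifiers (e.g. '2.8.0-hotfix1') are ignored, and
    missing components are zero-padded so that '2.8' compares equal to '2.8.0'.
    """
    m = re.match(r"^\s*(\d+(?:\.\d+)*)", version)
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def is_affected(installed: str) -> bool:
    """True if the installed CSR version is prior to the fixed version."""
    return parse_version(installed) < parse_version(FIXED_VERSION)


def assess(installed: str) -> str:
    """Return a one-line verdict for the given installed version."""
    if is_affected(installed):
        return (f"CSR {installed} is affected by CVE-2021-23884: upgrade to "
                f"{FIXED_VERSION} or later (latest: {LATEST_VERSION})")
    return f"CSR {installed} is not affected by CVE-2021-23884"


if __name__ == "__main__":
    # Constructed sample inputs, not real inventory data.
    for v in ["2.7.0", "2.8.0", "2.10.0", "2.8", "2.7.9.123"]:
        print(assess(v))
```

Feed it the version shown for the Content Security Reporter extension in the ePO™ console; anything it reports as affected should be upgraded as described above.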
The installation files are available here:
https://www.trellix.com/en-us/downloads/my-products.html
Installation or Upgrade
For a new installation, use the link below:
Content Security Reporter Installation
To upgrade an existing Content Security Reporter installation, use the link below:
Upgrade Content Security Reporter