Issues » Information disclosure through unauthenticated and unused scripts

Issue: SI-21
Date: Apr 21, 2014, 7:00:00 AM
Severity: Critical
Requires Admin Access: No
Fix Version: 2.5.4
Credit: it.sec GmbH & Co. KG – Hans-Martin Münch & Markus Piéton
Description:

An attacker can use the discovered scripts to obtain information about the server and its configuration, including the internal IP address, hostname and other dotCMS configuration parameters. This information can be leveraged in later attacks against the system.

Mitigation:

Use a web application firewall that blocks external access to the unauthenticated scripts. These firewalls also block external access to .jsp files and other URLs in the system that can be exploited. They can also attempt to filter requests that try to exploit XSS vulnerabilities in a customer’s implementation. We generally recommend using a firewall in this way.
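
One way to check that such a firewall rule is in effect, as an added example that is not part of the advisory or of dotCMS: the script below reads access-log lines and reports requests for `.jsp` URLs from external addresses that were not blocked. It assumes a common/combined log format that records the original client address; the internal ranges, the blocked status codes, the paths and the sample log lines are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote, urlsplit

# Assumption: address ranges on the internal side of the firewall; adjust per site.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
# Assumption: status codes that mean the firewall refused the request.
BLOCKED_STATUSES = {403, 404}
# Common/combined log format: client address, request line, status code.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def is_external(client):
    try:
        addr = ipaddress.ip_address(client)
    except ValueError:
        return True  # not an IP literal (e.g. a hostname): treat as external
    return not any(addr in net for net in INTERNAL_NETS)

def is_jsp_path(target):
    # Ignore the query string, drop ";jsessionid=..." style path parameters and
    # decode %-escapes, so "Status%2EJSP;x=1?y=2" is still recognised as a JSP.
    last = urlsplit(target).path.rsplit("/", 1)[-1]
    return unquote(last.split(";", 1)[0]).lower().endswith(".jsp")

def audit(lines):
    """Return (client, method, target, status) for unblocked external .jsp requests."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        client, method, target, status = m[1], m[2], m[3], int(m[4])
        if is_external(client) and is_jsp_path(target) and status not in BLOCKED_STATUSES:
            findings.append((client, method, target, status))
    return findings

# Constructed sample lines (documentation addresses, hypothetical paths).
SAMPLE_LOG = [
    '203.0.113.7 - - [21/Apr/2014:07:00:01 +0000] "GET /example/status.jsp HTTP/1.1" 200 512',
    '203.0.113.7 - - [21/Apr/2014:07:00:02 +0000] "GET /example/status.jsp HTTP/1.1" 403 0',
    '10.0.0.5 - - [21/Apr/2014:07:00:03 +0000] "GET /example/status.jsp HTTP/1.1" 200 512',
    '198.51.100.9 - - [21/Apr/2014:07:00:04 +0000] "GET /example/Status%2EJSP;jsessionid=abc?x=1 HTTP/1.1" 200 512',
    '198.51.100.9 - - [21/Apr/2014:07:00:05 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print("external .jsp request was served:", finding)
```

Any finding means an external client reached a `.jsp` URL without being blocked, so the firewall rule does not cover that path.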