Published:2023/08/18  Last Updated:2023/08/18

JVN#19661362
Multiple vulnerabilities in Proself
Critical

Overview

Proself provided by North Grid Corporation contains multiple vulnerabilities.

Products Affected

  • Proself Enterprise/Standard Edition Ver5.61 and earlier
  • Proself Gateway Edition Ver1.62 and earlier
  • Proself Mail Sanitize Edition Ver1.07 and earlier

Description

Proself provided by North Grid Corporation is online storage server software. Proself contains the multiple vulnerabilities listed below.

  • Improper authentication (CWE-287) - CVE-2023-39415
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Base Score: 7.5
    CVSS v2 AV:N/AC:L/Au:N/C:P/I:N/A:N Base Score: 5.0
  • OS command injection (CWE-78) - CVE-2023-39416
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Base Score: 7.2
    CVSS v2 AV:N/AC:L/Au:S/C:P/I:P/A:P Base Score: 6.5

The developer states that attacks exploiting these vulnerabilities have been observed.

Impact

  • A remote unauthenticated attacker may log in to the product's Control Panel and perform an unintended operation - CVE-2023-39415
  • An arbitrary OS command may be executed by an attacker who can log in to the product with an administrative privilege - CVE-2023-39416

Solution

Update the Software
Update the software to the latest version according to the information provided by the developer.

Apply the workaround
Until the software is updated, the following workaround is recommended to mitigate the impact of the vulnerabilities.

  • Delete the following two files under "Proself install folder/webapps/proself/WEB-INF/xml/process/external/admin"
    • downloadhistory.xml
    • setclustermyid.xml
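The workaround above is a two-file deletion under a fixed path, so it is easy to verify and to script across several hosts. The following POSIX shell functions are an added example, not part of the JVN advisory or of North Grid's own tooling: one reports whether the two files named above are still present under a given install folder, the other applies the workaround. The relative path and the two file names come from the advisory; the install folder is passed as an argument because it varies per deployment. Moving the files into a backup directory outside the webapp tree instead of deleting them outright is this example's own choice, so that they can be restored once the software has been updated; the advisory itself simply says to delete them.

```shell
#!/bin/sh
# Added example for JVN#19661362 (not from JVN or North Grid).
# Checks for, and applies, the workaround of removing two admin process
# definitions from the Proself webapp. The install folder is an argument;
# the subdirectory and file names are those given in the advisory.

WORKAROUND_FILES="downloadhistory.xml setclustermyid.xml"
WORKAROUND_SUBDIR="webapps/proself/WEB-INF/xml/process/external/admin"

# proself_workaround_status INSTALL_DIR
# Prints one line per file and returns 0 only when both files are absent,
# i.e. when the workaround is in place on this host.
proself_workaround_status() {
    install_dir="$1"
    remaining=0
    for f in $WORKAROUND_FILES; do
        p="$install_dir/$WORKAROUND_SUBDIR/$f"
        if [ -e "$p" ]; then
            echo "present: $p"
            remaining=$((remaining + 1))
        else
            echo "absent:  $p"
        fi
    done
    [ "$remaining" -eq 0 ]
}

# proself_apply_workaround INSTALL_DIR BACKUP_DIR
# Moves the two files out of the webapp tree into BACKUP_DIR (created if
# needed), leaving every other file in the admin directory untouched, then
# re-checks. Keeping a copy outside the webapp is this example's choice;
# the advisory says to delete the files.
proself_apply_workaround() {
    install_dir="$1"
    backup_dir="$2"
    mkdir -p "$backup_dir" || return 1
    for f in $WORKAROUND_FILES; do
        p="$install_dir/$WORKAROUND_SUBDIR/$f"
        if [ -e "$p" ]; then
            mv -- "$p" "$backup_dir/$f" || return 1
            echo "moved: $p -> $backup_dir/$f"
        fi
    done
    proself_workaround_status "$install_dir" >/dev/null
}
```

Typical use is `proself_workaround_status /path/to/proself` in a fleet-wide inventory check, and `proself_apply_workaround /path/to/proself /root/proself-workaround-backup` on hosts that report the files as still present. After updating to a fixed version, the status check should be re-run only as an inventory aid; whether the files need to be restored is a question for the developer's update instructions.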

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

North Grid Corporation reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. JPCERT/CC and North Grid Corporation coordinated under the Information Security Early Warning Partnership.

Other Information

JPCERT Alert: JPCERT-AT-2023-0014, Alert Regarding Authentication Bypass and Remote Code Execution Vulnerabilities in Proself (text in Japanese)
CVE: CVE-2023-39415, CVE-2023-39416
JVN iPedia: JVNDB-2023-000078