Published:2021/07/19  Last Updated:2021/07/19

JVN#86026700
Multiple vulnerabilities in GroupSession

Overview

GroupSession provided by Japan Total System Co.,Ltd. contains multiple vulnerabilities.

Products Affected

  • GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0
  • GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0
  • GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0

Description

GroupSession provided by Japan Total System Co.,Ltd. contains multiple vulnerabilities listed below.

  • Cross-site scripting vulnerability (CWE-79) - CVE-2021-20785
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1
    CVSS v2 AV:N/AC:H/Au:N/C:N/I:P/A:N Base Score: 2.6
  • Cross-site request forgery (CWE-352) - CVE-2021-20786
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:H/Au:N/C:N/I:P/A:N Base Score: 2.6
  • Cross-site scripting vulnerability (CWE-79) - CVE-2021-20787
  • CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1
    CVSS v2 AV:N/AC:H/Au:N/C:N/I:P/A:N Base Score: 2.6
  • Sever-side request forgery (CWE-918) - CVE-2021-20788
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N Base Score: 5.0
    CVSS v2 AV:N/AC:L/Au:S/C:P/I:N/A:N Base Score: 4.0
  • Open redirect (CWE-601) - CVE-2021-20789
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N Base Score: 4.7
    CVSS v2 AV:N/AC:H/Au:N/C:N/I:P/A:N Base Score: 2.6

Impact

  • If a user sends a specially crafted request to a specific URL while logged in to the product with an administrative account, an arbitrary script may be executed - CVE-2021-20785, CVE-2021-20787
  • If a user accesses a specially crafted URL while logged in to the product with an administrative account, the product's settings may be changed unintentionally - CVE-2021-20786
  • A user who can access the bookmark function of the software may conduct a port scan from the product and/or obtain information from the internal Web server - CVE-2021-20788
  • When accessing a specially crafted URL, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack - CVE-2021-20789

Solution

Update the software
Update the software to the latest version according to the information provided by the developer.
The developer has released the fixed version ver5.1.0.

Vendor Status

Vendor Status Last Update Vendor Notes
Japan Total System Co.,Ltd. Vulnerable 2021/07/19 Japan Total System Co.,Ltd. website

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

CVE-2021-20785, CVE-2021-20786
ASAI Ken reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2021-20787, CVE-2021-20788, CVE-2021-20789
Ryo Sato reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2021-20785
CVE-2021-20786
CVE-2021-20787
CVE-2021-20788
CVE-2021-20789
JVN iPedia JVNDB-2021-000070

Update History

2021/07/19
Fixed some errors in the section under [Description].