Vulnerability CVE-2023-23956 in Web Agent

Article ID: 272635


Updated On: 03-13-2025

Products

  • CA Single Sign On Agents (SiteMinder)
  • CA Single Sign On Secure Proxy Server (SiteMinder)

Issue/Introduction


A priority vulnerability associated with the SiteMinder Web Agent has been found and is tracked as CVE-2023-23956 (1): a cross-site scripting (XSS) issue in the password services form handler, smpwservices.fcc.

Environment

Applies to R12.52 and R12.8 Web Agents

Any OS

Cause

All of the reported URLs resolve to the same path:

   /siteminderagent/forms/smpwservices.fcc

They differ only in which parameter carries the payload; both belong to the password services form handled by that FCC.

The value submitted in the USERNAME parameter is written back into the page through document.write() without HTML encoding. Because document.write() inserts its argument as raw markup, a crafted USERNAME value can inject HTML and JavaScript into the DOM: a reflected XSS in which the attacker-controlled value is echoed straight to the victim's browser.

Resolution


Add the following Agent Configuration Object (ACO) parameters (2):

  • FCCHTMLEncoding = no
  • FCCHTMLEncodingChars = %22,%26,%27,%3c,%3e,%5c

Restart the Web Agent for the new ACO settings to take effect.

Rerun the vulnerability scan to confirm that the finding is no longer reported.

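The following JavaScript is an added example, not code from the Web Agent or from Broadcom's documentation. It models the document.write() sink described under Cause with a hypothetical fragment that echoes USERNAME into a hidden field (the real smpwservices.fcc markup is not reproduced), parses the FCCHTMLEncodingChars value from the Resolution above into the six characters it names, and renders the same probe value both unencoded (the vulnerable behaviour) and encoded (the hardened behaviour). The unencodedReflections check can be run over a captured response body, such as the output of the rerun scan or of a request carrying the probe in USERNAME, to confirm the fix independently of a scanner signature. Names such as renderUsernameFragment, PROBE and unencodedReflections are this example's own, and the encoder is a model of the setting's effect, not the agent's implementation.

```javascript
// Added example, not SiteMinder/Web Agent code: models the document.write()
// sink from the Cause section and the effect of the FCCHTMLEncodingChars
// setting from the Resolution section. The fragment below is a hypothetical
// stand-in for the real smpwservices.fcc markup.

// The ACO value from the Resolution section: a comma-separated,
// percent-encoded list of characters the agent must HTML-encode in FCC output.
const FCC_HTML_ENCODING_CHARS = "%22,%26,%27,%3c,%3e,%5c";

// Turn the percent-encoded ACO list into the literal characters it names:
// %22 -> "   %26 -> &   %27 -> '   %3c -> <   %3e -> >   %5c -> \
function parseEncodingChars(acoValue) {
  return acoValue.split(",").map((tok) => decodeURIComponent(tok.trim()));
}

// HTML-encode exactly the configured characters as hex character references
// and leave everything else untouched. The agent's own encoder may choose a
// different reference form; what matters is that none of the six characters
// reaches the DOM as markup.
function htmlEncode(value, chars) {
  const set = new Set(chars);
  let out = "";
  for (const ch of String(value)) {
    out += set.has(ch) ? `&#x${ch.codePointAt(0).toString(16)};` : ch;
  }
  return out;
}

// Hypothetical fragment the FCC hands to document.write(): USERNAME is echoed
// into a hidden field. encodingChars === null models the vulnerable state
// (nothing encoded); the parsed list models the hardened state.
function renderUsernameFragment(username, encodingChars) {
  const v = encodingChars ? htmlEncode(username, encodingChars) : username;
  return `<input type="hidden" name="USERNAME" value="${v}">`;
}

// Constructed probe value: closes the attribute, then opens a <script> tag.
const PROBE = '"><script>alert(1)</script>';

// Check a captured response body (scanner output, or a curl response for a
// request carrying PROBE in USERNAME) for unencoded reflection. Returns the
// configured characters that came back verbatim inside the echoed probe; an
// empty list means the fix is in place for this probe.
function unencodedReflections(body, probe, chars) {
  if (!body.includes(probe)) return [];
  return chars.filter((ch) => probe.includes(ch));
}

// Render both states and run the check on each.
function summary() {
  const chars = parseEncodingChars(FCC_HTML_ENCODING_CHARS);
  const vulnerable = renderUsernameFragment(PROBE, null);
  const hardened = renderUsernameFragment(PROBE, chars);
  return {
    vulnerable,
    hardened,
    vulnerableRaw: unencodedReflections(vulnerable, PROBE, chars),
    hardenedRaw: unencodedReflections(hardened, PROBE, chars),
  };
}

console.log(JSON.stringify(summary(), null, 2));
```

Run it with node: the vulnerable fragment contains the probe verbatim, so the double quote, less-than and greater-than signs come back raw and the injected script tag is live; the hardened fragment carries only character references, so the check returns an empty list. Feeding a real captured response body to unencodedReflections in place of the rendered fragment gives the same yes/no answer the rerun scan is expected to give.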
Additional Information

 

  1. CVE-2023-23956 Detail

  2. Help Prevent Attacks

Notes regarding the ACO parameters

- FCCHTMLEncoding and FCCHTMLEncodingChars are mutually exclusive settings.

- If FCCHTMLEncoding is set to YES, the FCCHTMLEncodingChars list is ignored.

- To use FCCHTMLEncodingChars, set FCCHTMLEncoding to NO and list the characters to encode in FCCHTMLEncodingChars. The characters are given percent-encoded, as in the values above: %22 is ", %26 is &, %27 is ', %3c is <, %3e is >, and %5c is \.