Professional Documents
Culture Documents
Omnivista 4760: Security Advisory Template V.13
Omnivista 4760: Security Advisory Template V.13
Summary
A cross site scripting vulnerability has been discovered in OmniVista 4760. It only impacts the application’s
web pages.
References
Alcatel-Lucent vulnerability number VU-110203-1
Alcatel-Lucent change request crms00325974
Affected products
OmniVista 4760 all versions.
Business integrated Communication Solution (BiCS) all versions prior to R2.3: BiCS includes a vulnerable
version of OmniVista 4760.
Technical context
The OmniVista 4760 Network Management solution can be accessed either through a heavy client –installed
on the administrator’s workstation- or by downloading a lightweight client over the company’s LAN from the
OmniVista 4760 embedded HTTP server.
This HTTP server presents a home page at http://<omnivista_4760_IP_address>/ that gives access to the Web
directory application and the configuration lightweight client application.
Impacts
Normal access to the configuration/save-restore page does not create a risk. It is only when these pages are
visited as the result of following a crafted link that the fraudulent local action occurs. Typical actions may result
in disclosure of information contained in cookies: an authenticator (login/password) or other personal
information.
This vulnerability doesn’t directly impact the communication functions of the managed OmniPCX Enterprise or
OmniPCX Office systems.
Mitigations
OmniVista 4760 server is unreachable from the Internet, and on the company’s LAN to anyone but the
properly trained and trusted telephony, system and network administrators.
Telephony administrators performing administrative duties would not follow links received through emails or
browse unsafe web pages from their workstation.
Deployments that only use heavy weight configuration clients or the embedded client running directly on the
OmniVista 4760 server (standalone configuration) are immune.
Workarounds
Implement one or more of the mitigations above.
Discoverer
Devoteam
History
Ed.01 (10jun2011): creation
Ed.02 (27sep2011): Patch published on BPWS
Ed.03 (17oct2011): added BiCS impact information