1. Introduction
Selligent Message Studio is affected by a code execution vulnerability, CVE-2017-5638. This allows a remote attacker to run commands on systems running the software. Businesses using Selligent Message Studio are at risk of complete system compromise. Confidentiality, integrity and availability may all be impacted if exploited successfully.
2. Technical Explanation
The vulnerability is due to a flaw in Apache Struts (S2-045) used by Selligent Message Studio. An attacker can send a specially crafted HTTP request that causes the application to execute arbitrary code. Exploitation requires no authentication.
- Root cause: The instance does not properly validate user supplied input when processing requests, leading to remote code execution.
- Exploit mechanism: An attacker sends an HTTP request containing malicious code within a parameter that is processed by the vulnerable Struts component. This triggers code execution on the server.
- Scope: Selligent Message Studio instances are affected. Specific versions were not provided in the context, so all versions should be considered at risk until patched.
3. Detection and Assessment
Confirming vulnerability requires checking the version of Struts used by Selligent Message Studio. A thorough assessment involves scanning for the specific CVE.
- Quick checks: Check Selligent Message Studio documentation or administration interface for details on the underlying Struts version.
- Scanning: Nessus plugin ID db0c2b7e can detect this vulnerability. Other scanners may have similar signatures.
- Logs and evidence: Look for unusual activity in application logs, particularly around HTTP request processing.
4. Solution / Remediation Steps
The solution is to contact the vendor for a patch or updated version of Selligent Message Studio that addresses CVE-2017-5638.
4.1 Preparation
- Ensure you have a rollback plan in place, which may involve restoring from backup.
- A change window is recommended for this update, requiring approval from IT management.
4.2 Implementation
- Step 1: Contact Selligent support and request the latest security patch for CVE-2017-5638.
- Step 2: Download and review the patch documentation provided by Selligent.
- Step 3: Apply the patch according to the vendor’s instructions. This may involve stopping the service, installing the patch, and restarting the service.
4.3 Config or Code Example
Before
After
4.4 Security Practices Relevant to This Vulnerability
Practices that help prevent this issue include least privilege and a regular patch cadence.
- Practice 1: Implement least privilege for Selligent Message Studio service accounts to limit the impact of potential code execution.
- Practice 2: Maintain a regular patch schedule for all software, including Selligent Message Studio, to address known vulnerabilities promptly.
4.5 Automation (Optional)
No automation steps are provided as this requires vendor-specific patching procedures.
5. Verification / Validation
- Post-fix check: Check Selligent Message Studio documentation or administration interface for the updated Struts version number.
- Re-test: Re-run the Nessus scan (plugin ID db0c2b7e) to confirm the vulnerability is no longer detected.
- Smoke test: Test basic functionality of Selligent Message Studio, such as sending a simple email campaign and verifying delivery.
6. Preventive Measures and Monitoring
Update security baselines to include patched versions of Selligent Message Studio. Implement regular vulnerability scanning in CI/CD pipelines.
- Baselines: Update your security baseline or policy to require the latest version of Selligent Message Studio with the CVE-2017-5638 patch applied.
- Asset and patch process: Review and update your asset inventory and patch management process to ensure timely patching of critical software like Selligent Message Studio.
7. Risks, Side Effects, and Roll Back
Patching may cause temporary service disruption. Always have a rollback plan in place.
- Risk or side effect 1: Patch installation could temporarily interrupt Selligent Message Studio service availability.
- Risk or side effect 2: In rare cases, the patch might introduce compatibility issues with existing integrations.
- Roll back: Restore from the pre-patch backup of the Selligent Message Studio configuration and database if any issues arise.
8. References and Resources
- Vendor advisory or bulletin: No link provided in the context. Contact Selligent support directly for their security bulletins.
- NVD or CVE entry: http://www.nessus.org/u?db0c2b7e
- Product or platform documentation relevant to the fix: No link provided in the context. Check Selligent’s official website for documentation on patching and upgrading.