BSI-2022-0003
Vulnerability from csaf_certbund - Published: 2022-11-04 15:00 - Updated: 2022-11-04 15:00Summary
Stored Cross-Site Scripting (XSS) Vulnerability in csaf_provider
Notes
Legal disclaimer
As a content provider, BSI is responsible under general law for its own content distributed for use. However, it remains your responsibility to carefully check usage and/or implementation of information provided with the content.
{
"document": {
"acknowledgments": [
{
"names": [
"Damian Pfammatter"
],
"organization": "Cyber-Defense Campus",
"summary": "finding and reporting the vulnerability"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "As a content provider, BSI is responsible under general law for its own content distributed for use. However, it remains your responsibility to carefully check usage and/or implementation of information provided with the content.",
"title": "Legal disclaimer"
}
],
"publisher": {
"category": "coordinator",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "BSI-2022-0003 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/bsi-2022-0003.json"
}
],
"title": "Stored Cross-Site Scripting (XSS) Vulnerability in csaf_provider",
"tracking": {
"current_release_date": "2022-11-04T15:00:00.000Z",
"generator": {
"date": "2022-11-04T14:47:20.479Z",
"engine": {
"name": "Secvisogram",
"version": "2.0.0"
}
},
"id": "BSI-2022-0003",
"initial_release_date": "2022-11-04T15:00:00.000Z",
"revision_history": [
{
"date": "2022-11-04T15:00:00.000Z",
"number": "1",
"summary": "Initial version."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0.0",
"product": {
"name": "CSAF Tools csaf_provider 2.0.0",
"product_id": "CSAFPID-0001"
}
},
{
"category": "product_version",
"name": "0.8.2",
"product": {
"name": "CSAF Tools csaf_provider 0.8.2",
"product_id": "CSAFPID-0002"
}
},
{
"category": "product_version",
"name": "0.8.1",
"product": {
"name": "CSAF Tools csaf_provider 0.8.1",
"product_id": "CSAFPID-0003"
}
},
{
"category": "product_version",
"name": "0.8.0",
"product": {
"name": "CSAF Tools csaf_provider 0.8.0",
"product_id": "CSAFPID-0004"
}
},
{
"category": "product_version",
"name": "0.3.0",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0",
"product_id": "CSAFPID-0005"
}
},
{
"category": "product_version",
"name": "0.3.0-alpha",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0-alpha",
"product_id": "CSAFPID-0006"
}
},
{
"category": "product_version",
"name": "0.3.0-alpha2",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0-alpha2",
"product_id": "CSAFPID-0007"
}
},
{
"category": "product_version",
"name": "0.3.0-alpha3",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0-alpha3",
"product_id": "CSAFPID-0008"
}
},
{
"category": "product_version",
"name": "0.3.0-alpha4",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0-alpha4",
"product_id": "CSAFPID-0009"
}
},
{
"category": "product_version",
"name": "0.3.0-alpha5",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0-alpha5",
"product_id": "CSAFPID-0010"
}
},
{
"category": "product_version",
"name": "0.3.0-alpha6",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0-alpha6",
"product_id": "CSAFPID-0011"
}
},
{
"category": "product_version",
"name": "0.2.0",
"product": {
"name": "CSAF Tools csaf_provider 0.2.0",
"product_id": "CSAFPID-0012"
}
},
{
"category": "product_version",
"name": "0.1.0-alpha.1",
"product": {
"name": "CSAF Tools csaf_provider 0.1.0-alpha.1",
"product_id": "CSAFPID-0013"
}
}
],
"category": "product_name",
"name": "csaf_provider"
}
],
"category": "vendor",
"name": "CSAF POC"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013"
],
"summary": "Affected product versions"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-43996",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-05-17T10:00:00.000Z",
"notes": [
{
"category": "summary",
"text": "The endpoint \u201cupload\u201d allows valid CSAF advisories (JSON format) to be uploaded with Content-Type \u201ctext/html\u201d and filenames ending in \u201c.html\u201d. When subsequently accessed via web browser, these advisories are served and interpreted as HTML pages. Such uploaded advisories can contain malicious JavaScript code, that will execute within the browser-context of users inspecting the advisory.",
"title": "Vulnerability summary"
}
],
"product_status": {
"first_fixed": [
"CSAFPID-0002"
],
"fixed": [
"CSAFPID-0001"
],
"known_affected": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013"
],
"recommended": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest version, at least version 0.8.2.",
"group_ids": [
"CSAFGID-0001"
],
"restart_required": {
"category": "none",
"details": "The binary can be replaced without a need to restart any service. However, be aware of API changes between the versions."
},
"url": "https://github.com/csaf-poc/csaf_distribution/releases/latest"
},
{
"category": "mitigation",
"details": "Ensure that no CSAF advisories containing JavaScript code are uploaded, e.g. by organizational measures. ",
"group_ids": [
"CSAFGID-0001"
],
"restart_required": {
"category": "none"
}
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "FUNCTIONAL",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:L/E:F/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013"
]
}
],
"title": "Stored Cross-Site-Scripting"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…