cnvd - cnvd-2016-06156

CNVD-2016-06156

Vulnerability from cnvd - Published: 2016-08-09

Title

Grails console跨站请求伪造漏洞

Description

Grails是一套基于Groovy编程语言且用于快速开发Web应用的开源框架。console是其中的一个基于Web的Groovy交互式运行应用管理和调试控制台插件。 Grails console存在跨站请求伪造漏洞，允许远程攻击者构建恶意URI，诱使用户解析，可以目标用户上下文执行恶意操作。

Severity

中

Patch Name

Grails console跨站请求伪造漏洞的补丁

Patch Description

Grails是一套基于Groovy编程语言且用于快速开发Web应用的开源框架。console是其中的一个基于Web的Groovy交互式运行应用管理和调试控制台插件。 Grails console存在跨站请求伪造漏洞，允许远程攻击者构建恶意URI，诱使用户解析，可以目标用户上下文执行恶意操作。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： https://github.com/sheehan/grails-console/commit/155e0f5f0fe3b3bd7027d730fa00bf0655f28207

Reference

http://www.openwall.com/lists/oss-security/2016/08/02/11

Impacted products

Name
Grails console

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "92267"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-6521"
    }
  },
  "description": "Grails\u662f\u4e00\u5957\u57fa\u4e8eGroovy\u7f16\u7a0b\u8bed\u8a00\u4e14\u7528\u4e8e\u5feb\u901f\u5f00\u53d1Web\u5e94\u7528\u7684\u5f00\u6e90\u6846\u67b6\u3002console\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u57fa\u4e8eWeb\u7684Groovy\u4ea4\u4e92\u5f0f\u8fd0\u884c\u5e94\u7528\u7ba1\u7406\u548c\u8c03\u8bd5\u63a7\u5236\u53f0\u63d2\u4ef6\u3002\r\n\r\nGrails console\u5b58\u5728\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u6784\u5efa\u6076\u610fURI\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\uff0c\u53ef\u4ee5\u76ee\u6807\u7528\u6237\u4e0a\u4e0b\u6587\u6267\u884c\u6076\u610f\u64cd\u4f5c\u3002",
  "discovererName": "unknown",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://github.com/sheehan/grails-console/commit/155e0f5f0fe3b3bd7027d730fa00bf0655f28207",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-06156",
  "openTime": "2016-08-09",
  "patchDescription": "Grails\u662f\u4e00\u5957\u57fa\u4e8eGroovy\u7f16\u7a0b\u8bed\u8a00\u4e14\u7528\u4e8e\u5feb\u901f\u5f00\u53d1Web\u5e94\u7528\u7684\u5f00\u6e90\u6846\u67b6\u3002console\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u57fa\u4e8eWeb\u7684Groovy\u4ea4\u4e92\u5f0f\u8fd0\u884c\u5e94\u7528\u7ba1\u7406\u548c\u8c03\u8bd5\u63a7\u5236\u53f0\u63d2\u4ef6\u3002\r\n\r\nGrails console\u5b58\u5728\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u6784\u5efa\u6076\u610fURI\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\uff0c\u53ef\u4ee5\u76ee\u6807\u7528\u6237\u4e0a\u4e0b\u6587\u6267\u884c\u6076\u610f\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Grails console\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Grails console"
  },
  "referenceLink": "http://www.openwall.com/lists/oss-security/2016/08/02/11",
  "serverity": "\u4e2d",
  "submitTime": "2016-08-07",
  "title": "Grails console\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e"
}

CVE-2016-6521 (GCVE-0-2016-6521)

Vulnerability from cvelistv5 – Published: 2017-01-23 21:00 – Updated: 2024-08-06 01:29

Summary

Cross-site request forgery (CSRF) vulnerability in Grails console (aka Grails Debug Console and Grails Web Console) 2.0.7, 1.5.10, and earlier allows remote attackers to hijack the authentication of users for requests that execute arbitrary Groovy code via unspecified vectors.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.openwall.com/lists/oss-security/2016/08/02/2	mailing-listx_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2016/0…	mailing-listx_refsource_MLIST
	https://github.com/sheehan/grails-console/issues/54	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/92267	vdb-entryx_refsource_BID
	https://github.com/sheehan/grails-console/issues/55	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/08/03/9	mailing-listx_refsource_MLIST

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:29:20.320Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20160801 CVE Request: CSRF in Grails console",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/08/02/2"
          },
          {
            "name": "[oss-security] 20160802 Re: CVE Request: CSRF in Grails console",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/08/02/11"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/sheehan/grails-console/issues/54"
          },
          {
            "name": "92267",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/92267"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/sheehan/grails-console/issues/55"
          },
          {
            "name": "[oss-security] 20160803 Grails Console is still vulnerable to CSRF CVE-2016-6521",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/08/03/9"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-07-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site request forgery (CSRF) vulnerability in Grails console (aka Grails Debug Console and Grails Web Console) 2.0.7, 1.5.10, and earlier allows remote attackers to hijack the authentication of users for requests that execute arbitrary Groovy code via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-24T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20160801 CVE Request: CSRF in Grails console",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/08/02/2"
        },
        {
          "name": "[oss-security] 20160802 Re: CVE Request: CSRF in Grails console",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/08/02/11"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/sheehan/grails-console/issues/54"
        },
        {
          "name": "92267",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/92267"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/sheehan/grails-console/issues/55"
        },
        {
          "name": "[oss-security] 20160803 Grails Console is still vulnerable to CSRF CVE-2016-6521",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/08/03/9"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-6521",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site request forgery (CSRF) vulnerability in Grails console (aka Grails Debug Console and Grails Web Console) 2.0.7, 1.5.10, and earlier allows remote attackers to hijack the authentication of users for requests that execute arbitrary Groovy code via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160801 CVE Request: CSRF in Grails console",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/08/02/2"
            },
            {
              "name": "[oss-security] 20160802 Re: CVE Request: CSRF in Grails console",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/08/02/11"
            },
            {
              "name": "https://github.com/sheehan/grails-console/issues/54",
              "refsource": "CONFIRM",
              "url": "https://github.com/sheehan/grails-console/issues/54"
            },
            {
              "name": "92267",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/92267"
            },
            {
              "name": "https://github.com/sheehan/grails-console/issues/55",
              "refsource": "CONFIRM",
              "url": "https://github.com/sheehan/grails-console/issues/55"
            },
            {
              "name": "[oss-security] 20160803 Grails Console is still vulnerable to CSRF CVE-2016-6521",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/08/03/9"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-6521",
    "datePublished": "2017-01-23T21:00:00",
    "dateReserved": "2016-08-02T00:00:00",
    "dateUpdated": "2024-08-06T01:29:20.320Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2016-06156

CVE-2016-6521 (GCVE-0-2016-6521)

Tags

Sightings

Nomenclature