Vulnerability-Lookup

CNVD-2016-13005

Vulnerability from cnvd - Published: 2016-12-26

Title

Rapid7 Nexpose Create Tags页面跨站脚本漏洞

Description

Rapid7 Nexpose是美国Rapid7公司的一套能够综合利用不同的扫描结果深度探测网络的漏洞管理软件。该软件可主动扫描配置环境的错误、漏洞、恶意软件并提供指导降低风险。 Rapid7 Nexpose 6.4.12版本的用户界面的Create Tags页面中存在跨站脚本漏洞。攻击者可利用该漏洞向tag名字字段注入跨站脚本。

Severity

低

Patch Name

Rapid7 Nexpose Create Tags页面跨站脚本漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://help.rapid7.com/nexpose/en-us/release-notes/#6.4.13

Reference

https://help.rapid7.com/nexpose/en-us/release-notes/#6.4.13

Impacted products

Name
Rapid7 Nexpose 6.4.12

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "94996"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-9757"
    }
  },
  "description": "Rapid7 Nexpose\u662f\u7f8e\u56fdRapid7\u516c\u53f8\u7684\u4e00\u5957\u80fd\u591f\u7efc\u5408\u5229\u7528\u4e0d\u540c\u7684\u626b\u63cf\u7ed3\u679c\u6df1\u5ea6\u63a2\u6d4b\u7f51\u7edc\u7684\u6f0f\u6d1e\u7ba1\u7406\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u53ef\u4e3b\u52a8\u626b\u63cf\u914d\u7f6e\u73af\u5883\u7684\u9519\u8bef\u3001\u6f0f\u6d1e\u3001\u6076\u610f\u8f6f\u4ef6\u5e76\u63d0\u4f9b\u6307\u5bfc\u964d\u4f4e\u98ce\u9669\u3002\r\n\r\nRapid7 Nexpose 6.4.12\u7248\u672c\u7684\u7528\u6237\u754c\u9762\u7684Create Tags\u9875\u9762\u4e2d\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5411tag\u540d\u5b57\u5b57\u6bb5\u6ce8\u5165\u8de8\u7ad9\u811a\u672c\u3002",
  "discovererName": "Rapid7",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://help.rapid7.com/nexpose/en-us/release-notes/#6.4.13",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-13005",
  "openTime": "2016-12-26",
  "patchDescription": "Rapid7 Nexpose\u662f\u7f8e\u56fdRapid7\u516c\u53f8\u7684\u4e00\u5957\u80fd\u591f\u7efc\u5408\u5229\u7528\u4e0d\u540c\u7684\u626b\u63cf\u7ed3\u679c\u6df1\u5ea6\u63a2\u6d4b\u7f51\u7edc\u7684\u6f0f\u6d1e\u7ba1\u7406\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u53ef\u4e3b\u52a8\u626b\u63cf\u914d\u7f6e\u73af\u5883\u7684\u9519\u8bef\u3001\u6f0f\u6d1e\u3001\u6076\u610f\u8f6f\u4ef6\u5e76\u63d0\u4f9b\u6307\u5bfc\u964d\u4f4e\u98ce\u9669\u3002\r\n\r\nRapid7 Nexpose 6.4.12\u7248\u672c\u7684\u7528\u6237\u754c\u9762\u7684Create Tags\u9875\u9762\u4e2d\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5411tag\u540d\u5b57\u5b57\u6bb5\u6ce8\u5165\u8de8\u7ad9\u811a\u672c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Rapid7 Nexpose Create Tags\u9875\u9762\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Rapid7 Nexpose 6.4.12"
  },
  "referenceLink": "https://help.rapid7.com/nexpose/en-us/release-notes/#6.4.13",
  "serverity": "\u4f4e",
  "submitTime": "2016-12-22",
  "title": "Rapid7 Nexpose Create Tags\u9875\u9762\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}

CVE-2016-9757 (GCVE-0-2016-9757)

Vulnerability from cvelistv5 – Published: 2016-12-20 22:00 – Updated: 2024-08-06 02:59

Summary

In the Create Tags page of the Rapid7 Nexpose version 6.4.12 user interface, any authenticated user who has the capability to create tags can inject cross-site scripting (XSS) elements in the tag name field. Once this tag is viewed in the Tag Detail page of the Rapid7 Nexpose 6.4.12 UI by another authenticated user, the script is run in that user's browser context.

Severity ?

No CVSS data available.

CWE

Persistent XSS

Assigner

rapid7

References

URL

Tags

	https://help.rapid7.com/nexpose/en-us/release-not…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/94996	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	Rapid7	Nexpose	Affected: 6.4.12

Date Public ?

2016-12-20 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:59:03.463Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://help.rapid7.com/nexpose/en-us/release-notes/#6.4.13"
          },
          {
            "name": "94996",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94996"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Nexpose",
          "vendor": "Rapid7",
          "versions": [
            {
              "status": "affected",
              "version": "6.4.12"
            }
          ]
        }
      ],
      "datePublic": "2016-12-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Create Tags page of the Rapid7 Nexpose version 6.4.12 user interface, any authenticated user who has the capability to create tags can inject cross-site scripting (XSS) elements in the tag name field. Once this tag is viewed in the Tag Detail page of the Rapid7 Nexpose 6.4.12 UI by another authenticated user, the script is run in that user\u0027s browser context."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Persistent XSS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-22T10:57:01.000Z",
        "orgId": "9974b330-7714-4307-a722-5648477acda7",
        "shortName": "rapid7"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://help.rapid7.com/nexpose/en-us/release-notes/#6.4.13"
        },
        {
          "name": "94996",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94996"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@rapid7.com",
          "ID": "CVE-2016-9757",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Nexpose",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.4.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Rapid7"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In the Create Tags page of the Rapid7 Nexpose version 6.4.12 user interface, any authenticated user who has the capability to create tags can inject cross-site scripting (XSS) elements in the tag name field. Once this tag is viewed in the Tag Detail page of the Rapid7 Nexpose 6.4.12 UI by another authenticated user, the script is run in that user\u0027s browser context."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Persistent XSS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://help.rapid7.com/nexpose/en-us/release-notes/#6.4.13",
              "refsource": "CONFIRM",
              "url": "https://help.rapid7.com/nexpose/en-us/release-notes/#6.4.13"
            },
            {
              "name": "94996",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94996"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
    "assignerShortName": "rapid7",
    "cveId": "CVE-2016-9757",
    "datePublished": "2016-12-20T22:00:00.000Z",
    "dateReserved": "2016-12-02T00:00:00.000Z",
    "dateUpdated": "2024-08-06T02:59:03.463Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2016-13005

CVE-2016-9757 (GCVE-0-2016-9757)

Tags

Sightings

Nomenclature