GSD-2023-6710
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page. The impact of this vulnerability is considered as Low, as the cluster_manager URL should not be exposed outside and is protected by user/password.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-6710"
],
"details": "A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the \u0027alias\u0027 parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page. The impact of this vulnerability is considered as Low, as the cluster_manager URL should not be exposed outside and is protected by user/password.",
"id": "GSD-2023-6710",
"modified": "2023-12-13T01:20:32.647829Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2023-6710",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "JBoss Core Services for RHEL 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.20-3.el8jbcs",
"versionType": "rpm"
}
]
}
}
]
}
},
{
"product_name": "JBoss Core Services on RHEL 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.3.20-3.el7jbcs",
"versionType": "rpm"
}
]
}
}
]
}
},
{
"product_name": "Red Hat JBoss Core Services 1",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat JBoss Core Services",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Mohamed Mounir Boudjema (Intervalle-Technologies) for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the \u0027alias\u0027 parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-79",
"lang": "eng",
"value": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/errata/RHSA-2024:1316",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2024:1316"
},
{
"name": "https://access.redhat.com/errata/RHSA-2024:1317",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2024:1317"
},
{
"name": "https://access.redhat.com/security/cve/CVE-2023-6710",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2023-6710"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2254128",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254128"
}
]
},
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
]
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:modcluster:mod_proxy_cluster:-:*:*:*:*:*:*:*",
"matchCriteriaId": "372FE519-9030-408F-895D-750B210515F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the \u0027alias\u0027 parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en mod_proxy_cluster en el servidor Apache. Este problema puede permitir que un usuario malintencionado agregue un script en el par\u00e1metro \u0027alias\u0027 de la URL para activar la vulnerabilidad de Cross-Site Scripting (XSS) Almacenado. Al agregar un script en el par\u00e1metro alias en la URL, agrega un nuevo host virtual y agrega el script a la p\u00e1gina del administrador del cl\u00faster. El impacto de esta vulnerabilidad se considera bajo, ya que la URL cluster_manager no debe exponerse al exterior y est\u00e1 protegida por usuario/contrase\u00f1a."
}
],
"id": "CVE-2023-6710",
"lastModified": "2024-03-18T22:15:07.537",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
},
"published": "2023-12-12T22:15:22.950",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:1316"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:1317"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-6710"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254128"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…