csaf_certbund - wid-sec-w-2023-1489

wid-sec-w-2023-1489

Vulnerability from csaf_certbund

Published

2023-06-15 22:00

Modified

2023-06-15 22:00

Summary

Red Hat Enterprise Linux Ceph Storage: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.

Angriff

Ein Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen und einen Denial of Service Zustand auszulösen.

Betroffene Betriebssysteme

- UNIX - Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren und einen Denial of Service Zustand auszul\u00f6sen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-1489 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1489.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-1489 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1489"
      },
      {
        "category": "external",
        "summary": "RHSA-2023:3623 - Security Advisory vom 2023-06-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:3623"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat Enterprise Linux Ceph Storage: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-06-15T22:00:00.000+00:00",
      "generator": {
        "date": "2024-02-15T17:31:37.760+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2023-1489",
      "initial_release_date": "2023-06-15T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-06-15T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux Ceph Storage 6.1",
            "product": {
              "name": "Red Hat Enterprise Linux Ceph Storage 6.1",
              "product_id": "T028158",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:ceph_storage_6.1"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-31129",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Red Hat Enterprise Linux Ceph Storage. Der Fehler besteht im Moment.js-Paket bei der \u00dcbergabe von vom Benutzer bereitgestellten Zeichenketten ohne \u00dcberpr\u00fcfung der korrekten L\u00e4nge an den Moment-Konstruktor. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028158"
        ]
      },
      "release_date": "2023-06-15T22:00:00Z",
      "title": "CVE-2022-31129"
    },
    {
      "cve": "CVE-2021-4231",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux Ceph Storage existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden im angular/core Paket nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, authentisierter Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028158"
        ]
      },
      "release_date": "2023-06-15T22:00:00Z",
      "title": "CVE-2021-4231"
    }
  ]
}

cve-2022-31129

Vulnerability from cvelistv5

Published

2022-07-06 00:00

Modified

2024-08-03 07:11

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Inefficient Regular Expression Complexity in moment

References

▼	URL	Tags
	https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g
	https://github.com/moment/moment/pull/6015#issuecomment-1152961973
	https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3
	https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/	vendor-advisory
	https://security.netapp.com/advisory/ntap-20221014-0003/
	https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html	mailing-list

Impacted products

▼	Vendor	Product
	moment	moment

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:11:39.222Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/moment/moment/pull/6015#issuecomment-1152961973"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/"
          },
          {
            "name": "FEDORA-2022-85aa8e5706",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/"
          },
          {
            "name": "FEDORA-2022-35b698150c",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/"
          },
          {
            "name": "FEDORA-2022-b9ef7c3c3c",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/"
          },
          {
            "name": "FEDORA-2022-798fd95813",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20221014-0003/"
          },
          {
            "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3295-1] node-moment security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "moment",
          "vendor": "moment",
          "versions": [
            {
              "status": "affected",
              "version": " \u003e= 2.18.0, \u003c 2.29.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-31T00:00:00",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
        },
        {
          "url": "https://github.com/moment/moment/pull/6015#issuecomment-1152961973"
        },
        {
          "url": "https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3"
        },
        {
          "url": "https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/"
        },
        {
          "name": "FEDORA-2022-85aa8e5706",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/"
        },
        {
          "name": "FEDORA-2022-35b698150c",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/"
        },
        {
          "name": "FEDORA-2022-b9ef7c3c3c",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/"
        },
        {
          "name": "FEDORA-2022-798fd95813",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20221014-0003/"
        },
        {
          "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3295-1] node-moment security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html"
        }
      ],
      "source": {
        "advisory": "GHSA-wc69-rhjr-hc9g",
        "discovery": "UNKNOWN"
      },
      "title": "Inefficient Regular Expression Complexity in moment"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-31129",
    "datePublished": "2022-07-06T00:00:00",
    "dateReserved": "2022-05-18T00:00:00",
    "dateUpdated": "2024-08-03T07:11:39.222Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-4231

Vulnerability from cvelistv5

Published

2022-05-26 07:10

Modified

2024-08-03 17:23

Severity ?

3.5 (Low) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Summary

Angular Comment cross site scripting

References

▼	URL	Tags
	https://github.com/angular/angular/issues/40136	x_refsource_MISC
	https://github.com/angular/angular/commit/ba8da742e3b243e8f43d4c63aa842b44e14f2b09	x_refsource_MISC
	https://security.snyk.io/vuln/SNYK-JS-ANGULARCORE-1070902	x_refsource_MISC
	https://vuldb.com/?id.181356	x_refsource_MISC

Impacted products

▼	Vendor	Product
	unspecified	Angular

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:23:10.322Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/angular/angular/issues/40136"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/angular/angular/commit/ba8da742e3b243e8f43d4c63aa842b44e14f2b09"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.snyk.io/vuln/SNYK-JS-ANGULARCORE-1070902"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?id.181356"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Angular",
          "vendor": "unspecified",
          "versions": [
            {
              "status": "affected",
              "version": "11.0.0"
            },
            {
              "status": "affected",
              "version": "11.0.1"
            },
            {
              "status": "affected",
              "version": "11.0.2"
            },
            {
              "status": "affected",
              "version": "11.0.3"
            },
            {
              "status": "affected",
              "version": "11.0.4"
            },
            {
              "status": "affected",
              "version": "11.1.0-next.0"
            },
            {
              "status": "affected",
              "version": "11.1.0-next.1"
            },
            {
              "status": "affected",
              "version": "11.1.0-next.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Mi\u0161ko Hevery"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 11.0.5 and 11.1.0-next.3 is able to address this issue. The name of the patch is ba8da742e3b243e8f43d4c63aa842b44e14f2b09. It is recommended to upgrade the affected component."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Cross Site Scripting",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-26T07:10:14",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/angular/angular/issues/40136"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/angular/angular/commit/ba8da742e3b243e8f43d4c63aa842b44e14f2b09"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.snyk.io/vuln/SNYK-JS-ANGULARCORE-1070902"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://vuldb.com/?id.181356"
        }
      ],
      "title": "Angular Comment cross site scripting",
      "x_generator": "vuldb.com",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cna@vuldb.com",
          "ID": "CVE-2021-4231",
          "REQUESTER": "cna@vuldb.com",
          "STATE": "PUBLIC",
          "TITLE": "Angular Comment cross site scripting"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Angular",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "11.0.0"
                          },
                          {
                            "version_value": "11.0.1"
                          },
                          {
                            "version_value": "11.0.2"
                          },
                          {
                            "version_value": "11.0.3"
                          },
                          {
                            "version_value": "11.0.4"
                          },
                          {
                            "version_value": "11.1.0-next.0"
                          },
                          {
                            "version_value": "11.1.0-next.1"
                          },
                          {
                            "version_value": "11.1.0-next.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": ""
              }
            ]
          }
        },
        "credit": "Mi\u0161ko Hevery",
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 11.0.5 and 11.1.0-next.3 is able to address this issue. The name of the patch is ba8da742e3b243e8f43d4c63aa842b44e14f2b09. It is recommended to upgrade the affected component."
            }
          ]
        },
        "generator": "vuldb.com",
        "impact": {
          "cvss": {
            "baseScore": "3.5",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79 Cross Site Scripting"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/angular/angular/issues/40136",
              "refsource": "MISC",
              "url": "https://github.com/angular/angular/issues/40136"
            },
            {
              "name": "https://github.com/angular/angular/commit/ba8da742e3b243e8f43d4c63aa842b44e14f2b09",
              "refsource": "MISC",
              "url": "https://github.com/angular/angular/commit/ba8da742e3b243e8f43d4c63aa842b44e14f2b09"
            },
            {
              "name": "https://security.snyk.io/vuln/SNYK-JS-ANGULARCORE-1070902",
              "refsource": "MISC",
              "url": "https://security.snyk.io/vuln/SNYK-JS-ANGULARCORE-1070902"
            },
            {
              "name": "https://vuldb.com/?id.181356",
              "refsource": "MISC",
              "url": "https://vuldb.com/?id.181356"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2021-4231",
    "datePublished": "2022-05-26T07:10:14",
    "dateReserved": "2022-05-26T00:00:00",
    "dateUpdated": "2024-08-03T17:23:10.322Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

wid-sec-w-2023-1489

Vulnerability from csaf_certbund

cve-2022-31129

Vulnerability from cvelistv5

cve-2021-4231

Vulnerability from cvelistv5

Tags