bsi-2022-0003
Vulnerability from csaf_certbund
Published
2022-11-04 15:00
Modified
2022-11-04 15:00
Summary
Stored Cross-Site Scripting (XSS) Vulnerability in csaf_provider
Notes
Legal disclaimer
As a content provider, BSI is responsible under general law for its own content distributed for use. However, it remains your responsibility to carefully check usage and/or implementation of information provided with the content.
{
"document": {
"acknowledgments": [
{
"names": [
"Damian Pfammatter"
],
"organization": "Cyber-Defense Campus",
"summary": "finding and reporting the vulnerability"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "As a content provider, BSI is responsible under general law for its own content distributed for use. However, it remains your responsibility to carefully check usage and/or implementation of information provided with the content.",
"title": "Legal disclaimer"
}
],
"publisher": {
"category": "coordinator",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "BSI-2022-0003 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/bsi-2022-0003.json"
}
],
"title": "Stored Cross-Site Scripting (XSS) Vulnerability in csaf_provider",
"tracking": {
"current_release_date": "2022-11-04T15:00:00.000Z",
"generator": {
"date": "2022-11-04T14:47:20.479Z",
"engine": {
"name": "Secvisogram",
"version": "2.0.0"
}
},
"id": "BSI-2022-0003",
"initial_release_date": "2022-11-04T15:00:00.000Z",
"revision_history": [
{
"date": "2022-11-04T15:00:00.000Z",
"number": "1",
"summary": "Initial version."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0.0",
"product": {
"name": "CSAF Tools csaf_provider 2.0.0",
"product_id": "CSAFPID-0001"
}
},
{
"category": "product_version",
"name": "0.8.2",
"product": {
"name": "CSAF Tools csaf_provider 0.8.2",
"product_id": "CSAFPID-0002"
}
},
{
"category": "product_version",
"name": "0.8.1",
"product": {
"name": "CSAF Tools csaf_provider 0.8.1",
"product_id": "CSAFPID-0003"
}
},
{
"category": "product_version",
"name": "0.8.0",
"product": {
"name": "CSAF Tools csaf_provider 0.8.0",
"product_id": "CSAFPID-0004"
}
},
{
"category": "product_version",
"name": "0.3.0",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0",
"product_id": "CSAFPID-0005"
}
},
{
"category": "product_version",
"name": "0.3.0-alpha",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0-alpha",
"product_id": "CSAFPID-0006"
}
},
{
"category": "product_version",
"name": "0.3.0-alpha2",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0-alpha2",
"product_id": "CSAFPID-0007"
}
},
{
"category": "product_version",
"name": "0.3.0-alpha3",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0-alpha3",
"product_id": "CSAFPID-0008"
}
},
{
"category": "product_version",
"name": "0.3.0-alpha4",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0-alpha4",
"product_id": "CSAFPID-0009"
}
},
{
"category": "product_version",
"name": "0.3.0-alpha5",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0-alpha5",
"product_id": "CSAFPID-0010"
}
},
{
"category": "product_version",
"name": "0.3.0-alpha6",
"product": {
"name": "CSAF Tools csaf_provider 0.3.0-alpha6",
"product_id": "CSAFPID-0011"
}
},
{
"category": "product_version",
"name": "0.2.0",
"product": {
"name": "CSAF Tools csaf_provider 0.2.0",
"product_id": "CSAFPID-0012"
}
},
{
"category": "product_version",
"name": "0.1.0-alpha.1",
"product": {
"name": "CSAF Tools csaf_provider 0.1.0-alpha.1",
"product_id": "CSAFPID-0013"
}
}
],
"category": "product_name",
"name": "csaf_provider"
}
],
"category": "vendor",
"name": "CSAF POC"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013"
],
"summary": "Affected product versions"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-43996",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2022-05-17T10:00:00.000Z",
"notes": [
{
"category": "summary",
"text": "The endpoint \u201cupload\u201d allows valid CSAF advisories (JSON format) to be uploaded with Content-Type \u201ctext/html\u201d and filenames ending in \u201c.html\u201d. When subsequently accessed via web browser, these advisories are served and interpreted as HTML pages. Such uploaded advisories can contain malicious JavaScript code, that will execute within the browser-context of users inspecting the advisory.",
"title": "Vulnerability summary"
}
],
"product_status": {
"first_fixed": [
"CSAFPID-0002"
],
"fixed": [
"CSAFPID-0001"
],
"known_affected": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013"
],
"recommended": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest version, at least version 0.8.2.",
"group_ids": [
"CSAFGID-0001"
],
"restart_required": {
"category": "none",
"details": "The binary can be replaced without a need to restart any service. However, be aware of API changes between the versions."
},
"url": "https://github.com/csaf-poc/csaf_distribution/releases/latest"
},
{
"category": "mitigation",
"details": "Ensure that no CSAF advisories containing JavaScript code are uploaded, e.g. by organizational measures. ",
"group_ids": [
"CSAFGID-0001"
],
"restart_required": {
"category": "none"
}
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "FUNCTIONAL",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:L/E:F/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013"
]
}
],
"title": "Stored Cross-Site-Scripting"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…