Cross-site scripting in Foreman

Updated: 2020-08-08
Risk: Low
Patch available: Yes
Number of vulnerabilities: 1
CVE-ID: CVE-2018-16861
CWE-ID: CWE-79
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Foreman (Web applications / Remote management & hosting panels)
Vendor: Foreman

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Cross-site scripting

EUVDB-ID: #VU36315

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-16861

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The vulnerability allows a remote privileged user to read and manipulate data.

A cross-site scripting (XSS) flaw was found in the Foreman component of Satellite. An attacker with the privilege to create entries through the Hosts, Monitor, Infrastructure, or Administer menus can execute XSS attacks against other users, possibly leading to malicious code execution and extraction of the anti-CSRF token of higher-privileged users. Foreman versions before 1.18.3, 1.19.1, and 1.20.0 are vulnerable.
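The flaw described above is a stored XSS: text saved by a privileged user through a management form is later rendered, unescaped, into pages viewed by other users. The Ruby below is an added illustration, not Foreman's code and not part of the advisory. It contrasts unescaped and escaped rendering of a constructed entry name, and adds a small review aid that flags the ERB constructs which bypass Rails' default output escaping. The sample name, the pattern list, and the sample template are all assumptions made for the example.

```ruby
require "erb"

# Constructed sample input: the kind of entry name a privileged user could save
# through a management form. Not taken from Foreman or from the advisory.
SUBMITTED_NAME = %(host01<script>document.title = "xss"</script>)

# Vulnerable pattern: user-controlled text concatenated into HTML unescaped.
# In ERB this is what `<%= raw name %>`, `<%== name %>` or `name.html_safe` produce.
def render_unescaped(name)
  "<td>#{name}</td>"
end

# Hardened pattern: escape before output. Rails' plain `<%= name %>` does this by
# default; ERB::Util.html_escape is the same escaping from the standard library.
def render_escaped(name)
  "<td>#{ERB::Util.html_escape(name)}</td>"
end

# True when a rendered fragment still contains markup the browser would execute.
# A test suite can run this over every view that displays user-supplied fields.
def renders_active_markup?(html)
  html.include?("<script")
end

# Review aid (assumed pattern list): flag ERB constructs that bypass the default
# escaping, so each occurrence can be confirmed to apply only to trusted content.
UNSAFE_ERB_PATTERNS = [/<%==/, /\braw\b/, /\.html_safe\b/].freeze

# Returns [[line_number, stripped_line], ...] for every flagged template line.
def flag_unsafe_erb(template_source)
  template_source.each_line.with_index(1).flat_map do |line, no|
    UNSAFE_ERB_PATTERNS.select { |re| line.match?(re) }.map { [no, line.strip] }
  end.uniq
end

# Constructed template fragment for the review aid (not a Foreman template).
SAMPLE_TEMPLATE = <<~ERB
  <td><%= host.name %></td>
  <td><%= raw host.comment %></td>
  <td><%== host.owner %></td>
  <td><%= host.ip.html_safe %></td>
ERB

if __FILE__ == $PROGRAM_NAME
  puts render_unescaped(SUBMITTED_NAME)   # script tag survives into the page
  puts render_escaped(SUBMITTED_NAME)     # rendered as inert &lt;script&gt; text
  flag_unsafe_erb(SAMPLE_TEMPLATE).each { |no, src| puts "line #{no}: #{src}" }
end
```

The escaped output neutralizes the payload while still displaying the text the user typed; the review aid is deliberately simple and will produce false positives, which is acceptable for a check whose purpose is to make every escaping bypass visible to a reviewer.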

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

Foreman: 1.20.0

External links

https://access.redhat.com/errata/RHSA-2019:1222
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16861


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.