CVE-2021-42083

Опубликовано: 10 июл. 2023

Источник: nvd

CVSS3: 8.7

CVSS3: 5.4

EPSS Низкий

Описание

An authenticated attacker is able to create alerts that trigger a stored XSS attack.

POC

go to the alert manager
open the ITSM tab
add a webhook with the URL/service token value

' -h && id | tee /tmp/ttttttddddssss #' (whitespaces are tab characters)

click add
click apply
create a test alert
The test alert will run the command

“id | tee /tmp/ttttttddddssss” as root.

after the test alert inspect

/tmp/ttttttddddssss it'll contain the ids of the root user.

Ссылки

https://csirt.divd.nl/CVE-2021-42083
Third Party Advisory
https://csirt.divd.nl/DIVD-2021-00020/
https://www.osnexus.com/products/software-defined-storage
Product
https://www.wbsec.nl/osnexus
Third Party Advisory
https://csirt.divd.nl/CVE-2021-42083
Third Party Advisory
https://www.divd.nl/DIVD-2021-00020
https://www.osnexus.com/products/software-defined-storage
Product
https://www.wbsec.nl/osnexus
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:osnexus:quantastor:*:*:*:*:*:*:*:*

Версия до 6.0.0.355 (исключая)

Одно из

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 31%

0.00117

Низкий

8.7 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-9c8q-55w7-h67h

CVSS3: 8.7

github

больше 2 лет назад

An authenticated attacker is able to create alerts that trigger a stored XSS attack.

EPSS

Процентиль: 31%

0.00117

Низкий

8.7 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79