Описание
The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly handle CSRF tokens generated during an active session and includes them in query strings, which makes easier for remote attackers to (1) bypass CSRF protection mechanisms or (2) conduct cross-site request forgery (CSRF) attacks by obtaining an old token.
It has been reported that CSRF tokens are not properly handled in JBoss BPM suite dashbuilder. Old tokens generated during an active session can be used to bypass CSRF protection. In addition, the tokens are sent in query string so they can be exposed through the browser's history, referrers, web logs, and other sources. Attackers may be able to obtain old tokens from various sources in the network and perform CSRF attacks successfully.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat BPM Suite 6 | dashbuilder | Affected | ||
| Red Hat JBoss BRMS 6 | dashbuilder | Not affected | ||
| Red Hat JBoss BPMS 6.4 | Fixed | RHSA-2017:0557 | 16.03.2017 | |
| Red Hat JBoss Data Virtualization 6.4 | dashbuilder | Fixed | RHSA-2018:0296 | 13.02.2018 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.2 Medium
CVSS3
4 Medium
CVSS2
Связанные уязвимости
The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly handle CSRF tokens generated during an active session and includes them in query strings, which makes easier for remote attackers to (1) bypass CSRF protection mechanisms or (2) conduct cross-site request forgery (CSRF) attacks by obtaining an old token.
The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly handle CSRF tokens generated during an active session and includes them in query strings, which makes easier for remote attackers to (1) bypass CSRF protection mechanisms or (2) conduct cross-site request forgery (CSRF) attacks by obtaining an old token.
EPSS
4.2 Medium
CVSS3
4 Medium
CVSS2