CVE-2020-27839

A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser’s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity.

CVSS v3 5.4 MEDIUM
CVSS v2.0 3.5 LOW

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

3.5^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:M/Au:S/C:N/I:P/A:N

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1901330	Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:redhat:ceph::::::::
	cpe:2.3:a:redhat:ceph::::::::

History

No history.

Information

Published : 2021-05-26 22:15

Updated : 2021-06-03 18:37

NVD link : CVE-2020-27839

Mitre link : CVE-2020-27839

CVE.ORG link : CVE-2020-27839

JSON object : View

Products Affected

redhat

ceph

CWE

CWE-522

Insufficiently Protected Credentials

{"id": "CVE-2020-27839", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}]}, "published": "2021-05-26T22:15:07.863", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901330", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-522"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser\u2019s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en ceph-dashboard. El programa JSON Web Token (JWT) usado para la autenticaci\u00f3n del usuario es almacenada en la aplicaci\u00f3n frontend en el almacenamiento local del navegador, que es potencialmente vulnerable a atacantes por medio de ataques de tipo XSS. La mayor amenaza de esta vulnerabilidad es la confidencialidad e integridad de los datos"}], "lastModified": "2021-06-03T18:37:46.990", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:ceph:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "932EE726-C7E2-4185-A6C2-A678FB166399", "versionEndExcluding": "14.2.17"}, {"criteria": "cpe:2.3:a:redhat:ceph:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "509E08EA-73F2-4311-8526-DE79215F2F2D", "versionEndExcluding": "15.2.9", "versionStartIncluding": "15.2.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}