CVE-2017-3165 - OpenCVE

In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the first user's resources. This is due to improper escaping of server-side content. There is known to be a proof-of-concept exploit using this vulnerability.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Brooklyn

Configuration 1 [-]

cpe:2.3:a:apache:brooklyn:*:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/bid/96228	Third Party Advisory VDB Entry
https://brooklyn.apache.org/community/security/CVE-2017-3165.html	Exploit Vendor Advisory
https://lists.apache.org/thread.html/5aa6b7583edbfc1f5653607003204326d9e27ef65e8af356c798b21c%40%3Cdev.brooklyn.apache.org%3E

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: apache

Published: 2017-02-10T00:00:00

Updated: 2017-09-14T09:57:01

Reserved: 2016-12-05T00:00:00

Link: CVE-2017-3165

JSON object: View

NVD Information

Status : Modified

Published: 2017-09-13T16:29:00.540

Modified: 2023-11-07T02:44:04.380

Link: CVE-2017-3165

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"containers": {"cna": {"affected": [{"product": "Apache Brooklyn", "vendor": "Apache Software Foundation", "versions": [{"status": "affected", "version": "0.9.0 and all prior versions"}]}], "datePublic": "2017-02-10T00:00:00", "descriptions": [{"lang": "en", "value": "In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the first user's resources. This is due to improper escaping of server-side content. There is known to be a proof-of-concept exploit using this vulnerability."}], "problemTypes": [{"descriptions": [{"description": "Cross-site scripting", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-14T09:57:01", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"name": "96228", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/96228"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://brooklyn.apache.org/community/security/CVE-2017-3165.html"}, {"name": "[dev] 20170210 [SECURITY] CVE-2017-3165: Cross-site vulnerabilities in Apache Brooklyn", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/5aa6b7583edbfc1f5653607003204326d9e27ef65e8af356c798b21c%40%3Cdev.brooklyn.apache.org%3E"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "DATE_PUBLIC": "2017-02-10T00:00:00", "ID": "CVE-2017-3165", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Brooklyn", "version": {"version_data": [{"version_value": "0.9.0 and all prior versions"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the first user's resources. This is due to improper escaping of server-side content. There is known to be a proof-of-concept exploit using this vulnerability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cross-site scripting"}]}]}, "references": {"reference_data": [{"name": "96228", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96228"}, {"name": "https://brooklyn.apache.org/community/security/CVE-2017-3165.html", "refsource": "CONFIRM", "url": "https://brooklyn.apache.org/community/security/CVE-2017-3165.html"}, {"name": "[dev] 20170210 [SECURITY] CVE-2017-3165: Cross-site vulnerabilities in Apache Brooklyn", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/5aa6b7583edbfc1f5653607003204326d9e27ef65e8af356c798b21c@%3Cdev.brooklyn.apache.org%3E"}]}}}}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2017-3165", "datePublished": "2017-02-10T00:00:00", "dateReserved": "2016-12-05T00:00:00", "dateUpdated": "2017-09-14T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:brooklyn:*:*:*:*:*:*:*:*", "matchCriteriaId": "37F4D23C-1126-43D6-9C86-706C0B6D38D1", "versionEndIncluding": "0.9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site scripting where one authenticated user can cause scripts to run in the browser of another user authorized to access the first user's resources. This is due to improper escaping of server-side content. There is known to be a proof-of-concept exploit using this vulnerability."}, {"lang": "es", "value": "En Apache Brooklyn en versiones anteriores a la 0.10.0, el servidor REST es vulnerable a Cross-Site Scripting (XSS) en el cual un usuario autenticado puede hacer que los scripts se ejecuten en el navegador de otro usuario autorizado para acceder a los recursos del primer usuario. Esto se debe al escape incorrecto del contenido del lado del servidor. Se sabe que existe un exploit a modo de prueba de concepto que emplea esta vulnerabilidad."}], "id": "CVE-2017-3165", "lastModified": "2023-11-07T02:44:04.380", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-09-13T16:29:00.540", "references": [{"source": "security@apache.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/96228"}, {"source": "security@apache.org", "tags": ["Exploit", "Vendor Advisory"], "url": "https://brooklyn.apache.org/community/security/CVE-2017-3165.html"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/5aa6b7583edbfc1f5653607003204326d9e27ef65e8af356c798b21c%40%3Cdev.brooklyn.apache.org%3E"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}