CVE-2018-17193 - OpenCVE

The message-page.jsp error page used the value of the HTTP request header X-ProxyContextPath without sanitization, resulting in a reflected XSS attack. Mitigation: The fix to correctly parse and sanitize the request attribute value was applied on the Apache NiFi 1.8.0 release. Users running a prior 1.x release should upgrade to the appropriate release.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Nifi

Configuration 1 [-]

cpe:2.3:a:apache:nifi:*:*:*:*:*:*:*:*

References

Link	Resource
https://nifi.apache.org/security.html#CVE-2018-17193	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: apache

Published: 2018-12-19T14:00:00

Updated: 2018-12-19T13:57:01

Reserved: 2018-09-19T00:00:00

Link: CVE-2018-17193

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-12-19T14:29:00.393

Modified: 2019-02-07T19:21:08.323

Link: CVE-2018-17193

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"containers": {"cna": {"affected": [{"product": "Apache NiFi", "vendor": "Apache Software Foundation", "versions": [{"status": "affected", "version": "Apache NiFi 1.0.0 - 1.7.1"}]}], "datePublic": "2018-12-19T00:00:00", "descriptions": [{"lang": "en", "value": "The message-page.jsp error page used the value of the HTTP request header X-ProxyContextPath without sanitization, resulting in a reflected XSS attack. Mitigation: The fix to correctly parse and sanitize the request attribute value was applied on the Apache NiFi 1.8.0 release. Users running a prior 1.x release should upgrade to the appropriate release."}], "problemTypes": [{"descriptions": [{"description": "XSS", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-12-19T13:57:01", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://nifi.apache.org/security.html#CVE-2018-17193"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2018-17193", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache NiFi", "version": {"version_data": [{"version_value": "Apache NiFi 1.0.0 - 1.7.1"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The message-page.jsp error page used the value of the HTTP request header X-ProxyContextPath without sanitization, resulting in a reflected XSS attack. Mitigation: The fix to correctly parse and sanitize the request attribute value was applied on the Apache NiFi 1.8.0 release. Users running a prior 1.x release should upgrade to the appropriate release."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "XSS"}]}]}, "references": {"reference_data": [{"name": "https://nifi.apache.org/security.html#CVE-2018-17193", "refsource": "CONFIRM", "url": "https://nifi.apache.org/security.html#CVE-2018-17193"}]}}}}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2018-17193", "datePublished": "2018-12-19T14:00:00", "dateReserved": "2018-09-19T00:00:00", "dateUpdated": "2018-12-19T13:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:nifi:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F6B3A37-6559-40FE-92B9-4FCE9906CA5D", "versionEndIncluding": "1.7.1", "versionStartIncluding": "1.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The message-page.jsp error page used the value of the HTTP request header X-ProxyContextPath without sanitization, resulting in a reflected XSS attack. Mitigation: The fix to correctly parse and sanitize the request attribute value was applied on the Apache NiFi 1.8.0 release. Users running a prior 1.x release should upgrade to the appropriate release."}, {"lang": "es", "value": "La p\u00e1gina de error message-page.jsp emple\u00f3 el valor de la cabecera de petici\u00f3n HTTP X-ProxyContextPath sin sanear, lo que resulta en un ataque Cross-Site Scripting (XSS). Mitigaci\u00f3n: La soluci\u00f3n para analizar correctamente y sanear el valor del atributo de petici\u00f3n se aplic\u00f3 en la distribuci\u00f3n 1.8.0 de Apache NiFi. Los usuarios que ejecuten una distribuci\u00f3n 1.x anterior deben actualizarla a la distribuci\u00f3n adecuada."}], "id": "CVE-2018-17193", "lastModified": "2019-02-07T19:21:08.323", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-12-19T14:29:00.393", "references": [{"source": "security@apache.org", "tags": ["Vendor Advisory"], "url": "https://nifi.apache.org/security.html#CVE-2018-17193"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}