CVE-2020-27839 - OpenCVE

A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser’s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Ceph

Configuration 1 [-]

OR	cpe:2.3:a:redhat:ceph::::::::
	cpe:2.3:a:redhat:ceph::::::::

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1901330	Issue Tracking Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2021-05-26T21:25:44

Updated: 2021-05-26T21:25:44

Reserved: 2020-10-27T00:00:00

Link: CVE-2020-27839

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-05-26T22:15:07.863

Modified: 2021-06-03T18:37:46.990

Link: CVE-2020-27839

JSON object: View

Redhat Information

No data.

CWE

CWE-522

{"containers": {"cna": {"affected": [{"product": "ceph-dashboard", "vendor": "n/a", "versions": [{"status": "affected", "version": "ceph-dashboard 14.2.17, ceph-dashboard 15.2.9"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser\u2019s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-522", "description": "CWE-522", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-26T21:25:44", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901330"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-27839", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ceph-dashboard", "version": {"version_data": [{"version_value": "ceph-dashboard 14.2.17, ceph-dashboard 15.2.9"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser\u2019s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-522"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1901330", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901330"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-27839", "datePublished": "2021-05-26T21:25:44", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2021-05-26T21:25:44", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:ceph:*:*:*:*:*:*:*:*", "matchCriteriaId": "932EE726-C7E2-4185-A6C2-A678FB166399", "versionEndExcluding": "14.2.17", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:ceph:*:*:*:*:*:*:*:*", "matchCriteriaId": "509E08EA-73F2-4311-8526-DE79215F2F2D", "versionEndExcluding": "15.2.9", "versionStartIncluding": "15.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser\u2019s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en ceph-dashboard. El programa JSON Web Token (JWT) usado para la autenticaci\u00f3n del usuario es almacenada en la aplicaci\u00f3n frontend en el almacenamiento local del navegador, que es potencialmente vulnerable a atacantes por medio de ataques de tipo XSS. La mayor amenaza de esta vulnerabilidad es la confidencialidad e integridad de los datos"}], "id": "CVE-2020-27839", "lastModified": "2021-06-03T18:37:46.990", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-26T22:15:07.863", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901330"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "secalert@redhat.com", "type": "Primary"}]}