Bug 1517396 – CVE-2017-15125 cloudforms: XSS in self-service UI snapshot feature

Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.

Bug 1517396 - (CVE-2017-15125) CVE-2017-15125 cloudforms: XSS in self-service UI snapshot feature

Summary:	CVE-2017-15125 cloudforms: XSS in self-service UI snapshot feature

Status:	CLOSED ERRATA

Aliases:	CVE-2017-15125

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	impact=moderate,public=20171221,repor...
Keywords:	Security

Depends On:	1536094 1536095 1536534
Blocks:	1517389
	Show dependency tree / graph

Reported:	2017-11-24 15:40 EST by Pedro Sampaio
Modified:	2018-07-27 04:47 EDT (History)
CC List:	14 users (show)

See Also:
Fixed In Version:	cfme 5.9.0.22
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in CloudForms in the self-service UI snapshot feature where the name field is not properly sanitized for HTML and JavaScript input. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms. Please note that CSP (Content Security Policy) prevents exploitation of this XSS however not all browsers support CSP.
Story Points:	---
Clone Of:
Environment:
Last Closed:	2018-03-01 09:23:45 EST
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2018:0380	normal	SHIPPED_LIVE	Moderate: Red Hat CloudForms security, bug fix, and enhancement update	2018-03-01 13:37:12 EST

Groups: None (edit)

Description Pedro Sampaio 2017-11-24 15:40:52 EST

A cross-site script vulnerability was found in CloudForms 5.9.0.10 self-service UI snapshot feature.

Comment 3 Kurt Seifried 2017-12-19 11:59:13 EST

Acknowledgments:

Name: Yadnyawalk Tale (Red Hat)

Comment 4 Kurt Seifried 2017-12-19 12:42:19 EST

Workaround:

The CloudForms CSP (Content Security Policy) will prevent exploitation of this, newer versions of the Firefox and Chrome web browsers support CSP and as such users of them are not affected by this XSS.

Comment 8 errata-xmlrpc 2018-03-01 08:06:46 EST

This issue has been addressed in the following products:

  CloudForms Management Engine 5.9

Via RHSA-2018:0380 https://access.redhat.com/errata/RHSA-2018:0380

Comment 10 Andrej Nemec 2018-05-14 08:18:42 EDT

Statement:

This issue affects the versions of cfme as shipped with Red Hat CloudForms 4. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Note You need to log in before you can comment on or make changes to this bug.