CVE-2017-18635 Information

Feb 14, 2021 cve

Description

An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field such as the VNC server name.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Reference

https://access.redhat.com/errata/RHSA-2020:0754 https://bugs.launchpad.net/horizon/+bug/1656435 https://github.com/novnc/noVNC/commit/6048299a138e078aed210f163111698c8c526a13diff-286f7dc7b881e942e97cd50c10898f03L534 https://github.com/novnc/noVNC/issues/748 https://github.com/novnc/noVNC/releases/tag/v0.6.2 https://github.com/ShielderSec/cve-2017-18635 https://lists.debian.org/debian-lts-announce/2019/10/msg00004.html https://usn.ubuntu.com/4522-1/ https://www.shielder.it/blog/exploiting-an-old-novnc-xss-cve-2017-18635-in-openstack/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

6.1

Share on: