Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2021-3509

Published: 27/05/2021 Updated: 25/04/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Redhat

Vulnerability Summary

A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used in the body of the HTTP response for the documentation, which again makes it available to XSS.The greatest threat to the system is for confidentiality, integrity, and availability.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat ceph storage 4.0

Vendor Advisories

Debian CVElist Bug Report Logs: ceph: CVE-2021-3509
Debian Bug report logs - #988888 ceph: CVE-2021-3509 Package: src:ceph; Maintainer for src:ceph is Ceph Packaging Team <team+ceph@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 20 May 2021 19:09:04 UTC Severity: grave Tags: security, upstream Found in version ceph/14220-2 ...
Red Hat: CVE-2021-3509
No description is available for this CVE ...
Arch Linux Issues:
A security issue was found in ceph before version 15212 In order to make the JWT token inaccessible through cross-site scripting (XSS), it was moved from localStorage to httpOnly Cookie (CVE-2020-27839) But token cookies are used in the body of the HTTP response for the documentation, which again makes it available to XSS ...

References

CWE-79https://github.com/ceph/ceph/commit/7a1ca8d372da3b6a4fc3d221a0e5f72d1d61c27bhttps://bugzilla.redhat.com/show_bug.cgi?id=1950116https://github.com/ceph/ceph/commit/adda853e64bdba1288d46bc7d462d23d8f2f10cahttps://github.com/ceph/ceph/commit/af3fffab3b0f13057134d96e5d481e400d8bfd27https://github.com/ceph/ceph/blob/f1557e8f62d31883d3d34ae241a1a26af11d923f/src/pybind/mgr/dashboard/controllers/docs.py#L394-L409https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988888https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2021-3509
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654CVE-2023-49606encryptionNULL pointer dereferenceCVE-2024-4439CVE-2024-4649race conditionCVE-2024-27202CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook