CVE-2019-3876 — Cross-Site Request Forgery in Openshift Oauth-apiserver

CWE-352 — Cross-Site Request Forgery7 documents5 sources

Severity

6.3MEDIUMNVD

EPSS

0.1%

top 65.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Github.com Openshift Oauth-apiserver Redhat Openshift Container Platform RED HAT Web-console

Timeline

PublishedApr 1

Latest updateMay 13

Description

A flaw was found in the /oauth/token/request custom endpoint of the OpenShift OAuth server allowing for XSS generation of CLI tokens due to missing X-Frame-Options and CSRF protections. If not otherwise prevented, a separate XSS vulnerability via JavaScript could further allow for the extraction of these tokens.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.4

Affected Packages3 packages

▶Gogithub.com/openshift_oauth-apiserver3.0 — 3.11

▶NVDredhat/openshift_container_platform3.0 — 3.11

▶CVEListV5red_hat/web-consoleaffects OpenShift Container Platform version v3.0 through v3.11

🔴Vulnerability Details

GHSA

Withdrawn Advisory: OpenShift OAuth Server XSS Vulnerability↗2022-05-13

▶

CVEList

CVE-2019-3876: A flaw was found in the /oauth/token/request custom endpoint of the OpenShift OAuth server allowing for XSS generation of CLI tokens due to missing X-↗2019-04-01

▶

📋Vendor Advisories

Red Hat

web-console: XSS in OAuth server /oauth/token/request endpoint↗2019-03-27

▶

💬Community

Bugzilla

CVE-2019-9433 libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c↗2020-01-08

▶

Bugzilla

CVE-2019-9232 libvpx: Out of bounds read in vp8_norm table↗2020-01-08

▶

Bugzilla

CVE-2019-3876 web-console: XSS in OAuth server /oauth/token/request endpoint↗2019-03-20

▶