CVE-2020-27839

CWE-522 — Insufficiently Protected Credentials CWE-79 — Cross-site Scripting (XSS)10 documents8 sources

Severity

5.4MEDIUM

EPSS

0.3%

top 43.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Ceph

Timeline

PublishedMay 26

Latest updateMay 24

Description

A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser’s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages3 packages

▶CVEListV5ceph-dashboardas shipped in Red Hat Ceph Storage 4, ceph-dashboard 14.2.17, ceph-dashboard 15.2.9+1

▶NVDredhat/ceph15.2.0 — 15.2.9+1

▶Debianceph< 14.2.18-1+3

🔴Vulnerability Details

GHSA

GHSA-2c8x-3ppx-9gj3: A flaw was found in ceph-dashboard↗2022-05-24

▶

OSV

ceph vulnerabilities↗2021-06-25

▶

OSV

CVE-2020-27839: A flaw was found in ceph-dashboard↗2021-05-26

▶

CVEList

CVE-2020-27839: A flaw was found in ceph-dashboard↗2021-05-26

▶

📋Vendor Advisories

Ubuntu

Ceph vulnerabilities↗2021-06-25

▶

Red Hat

ceph-dashboard: Cross-site scripting via token Cookie↗2021-05-13

▶

Red Hat

ceph-dashboard: Don't use Browser's LocalStorage for storing JWT but Secure Cookies with proper HTTP Headers↗2020-03-13

▶

Debian

CVE-2020-27839: ceph - A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authe...↗2020

▶

💬Community

Bugzilla

(CVE-2020-27839) [security] Don't use Browser's LocalStorage for storing JWT but Secure Cookies with proper HTTP Headers↗2020-10-19

▶