CVE-2021-42083

Summary

An authenticated attacker is able to create alerts that trigger a stored XSS attack.

POC

  • go to the alert manager

  • open the ITSM tab

  • add a webhook with the URL/service token value

' -h && id | tee /tmp/ttttttddddssss #' (whitespaces are tab characters)

  • click add

  • click apply

  • create a test alert

  • The test alert will run the command

“id | tee /tmp/ttttttddddssss” as root.

  • after the test alert inspect

/tmp/ttttttddddssss it'll contain the ids of the root user.

Affected Software

VendorProductVersion RangeStatus
OSNEXUSQuantaStor0 < 6.0.0.355affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CVE Program Container

Additional References

References