SB2023073141 - Multiple vulnerabilities in Netdisco
Published: July 31, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Stored cross-site scripting (CVE-ID: CVE-2023-37623)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the /Web/TypeAhead.pm component. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
2) Open redirect (CVE-ID: CVE-2023-37624)
The vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
Remediation
Install update from vendor's website.
References
- https://github.com/benjaminpsinclair/Netdisco-CVE
- https://github.com/netdisco/netdisco/commit/9f4401f2fb00c84210cd551b97c8ad60e78c71e0
- https://github.com/benjaminpsinclair/Netdisco-2023-Advisory
- https://github.com/netdisco/netdisco/commit/39562e0633a2472d50f7f33e69c36da4ad1fbfa3
- https://github.com/netdisco/netdisco/commit/a2da6a7a046c1c0fd41072dd6991eec7614293f8