Skip to content

Edgarloyola/CVE-2021-40906

main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

CVE-2021-40906 - Reflected XSS in an unauthenticated zone

Application: CheckMK Management Web Console

Software Revision: From 1.5.0 to 1.5.0p25

Author: Edgar Augusto Loyola Torres.

Attack type: Reflected XSS

Solution: Update to Software Revision 1.6.0p26 or later

Summary: CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser (such as JavaScript or other client-side scripts) or to steal the session cookies of a user who has previously authenticated via a man in the middle. Successful exploitation requires access to the web service resource without authentication.

Technical Description: See CVE-2021-40906

Timeline:

  • 2021-09-01 Issues discovered.
  • 2021-09-06 First contact with vendor via e-mail.
  • 2021-09-08 Vendor response. XSS vulnerabilities were already detected, and would be patched in the next release.
  • 2021-09-30 New Software Version release(1.6.0p27) and Vulnerability patch confirmed.

Reference:

DEMO

PoC CheckMk version 1.5.0p25 Raw Edition

Reflected XSS

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published