Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-18635

An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.

Published

2019-09-25T23:15:09.937

Last Modified

2024-11-21T03:20:32.157

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	novnc	novnc	< 0.6.2	Yes
Operating System	debian	debian_linux	8.0	Yes
Operating System	debian	debian_linux	9.0	Yes
Operating System	canonical	ubuntu_linux	16.04	Yes
Application	redhat	openstack	13	Yes

References

https://access.redhat.com/errata/RHSA-2020:0754 Third Party Advisory ([email protected])
https://bugs.launchpad.net/horizon/+bug/1656435 Issue Tracking, Third Party Advisory ([email protected])
https://github.com/ShielderSec/cve-2017-18635 Third Party Advisory ([email protected])
https://github.com/novnc/noVNC/commit/6048299a138e078aed210f163111698c8c526a13#diff-286f7dc7b881e942e97cd50c10898f03L534 Patch, Third Party Advisory ([email protected])
https://github.com/novnc/noVNC/issues/748 Patch, Third Party Advisory ([email protected])
https://github.com/novnc/noVNC/releases/tag/v0.6.2 Release Notes, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2019/10/msg00004.html Mailing List, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2021/12/msg00024.html Mailing List, Third Party Advisory ([email protected])
https://usn.ubuntu.com/4522-1/ Third Party Advisory ([email protected])
https://www.shielder.it/blog/exploiting-an-old-novnc-xss-cve-2017-18635-in-openstack/ Exploit, Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2020:0754 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugs.launchpad.net/horizon/+bug/1656435 Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/ShielderSec/cve-2017-18635 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/novnc/noVNC/commit/6048299a138e078aed210f163111698c8c526a13#diff-286f7dc7b881e942e97cd50c10898f03L534 Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/novnc/noVNC/issues/748 Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/novnc/noVNC/releases/tag/v0.6.2 Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2019/10/msg00004.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2021/12/msg00024.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/4522-1/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.shielder.it/blog/exploiting-an-old-novnc-xss-cve-2017-18635-in-openstack/ Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)