CVE-2017-18635 — MEDIUM (6.1)

Q: How severe is CVE-2017-18635?

CVE-2017-18635 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-18635?

Check the references section above for vendor advisories and patch information. Affected products include: Novnc Novnc, Debian Debian Linux, Canonical Ubuntu Linux, Redhat Openstack.

Vulnerability Description

An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.

CVSS Score

6.1

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Novnc	Novnc	< 0.6.2
Debian	Debian Linux	8.0
Canonical	Ubuntu Linux	16.04
Redhat	Openstack	13

Related Weaknesses (CWE)

CWE-79

References

https://access.redhat.com/errata/RHSA-2020:0754Third Party Advisory
https://bugs.launchpad.net/horizon/+bug/1656435Issue TrackingThird Party Advisory
https://github.com/ShielderSec/cve-2017-18635Third Party Advisory
https://github.com/novnc/noVNC/commit/6048299a138e078aed210f163111698c8c526a13#dPatchThird Party Advisory
https://github.com/novnc/noVNC/issues/748PatchThird Party Advisory
https://github.com/novnc/noVNC/releases/tag/v0.6.2Release NotesThird Party Advisory
https://lists.debian.org/debian-lts-announce/2019/10/msg00004.htmlMailing ListThird Party Advisory
https://lists.debian.org/debian-lts-announce/2021/12/msg00024.htmlMailing ListThird Party Advisory
https://usn.ubuntu.com/4522-1/Third Party Advisory
https://www.shielder.it/blog/exploiting-an-old-novnc-xss-cve-2017-18635-in-opensExploitThird Party Advisory
https://access.redhat.com/errata/RHSA-2020:0754Third Party Advisory
https://bugs.launchpad.net/horizon/+bug/1656435Issue TrackingThird Party Advisory
https://github.com/ShielderSec/cve-2017-18635Third Party Advisory
https://github.com/novnc/noVNC/commit/6048299a138e078aed210f163111698c8c526a13#dPatchThird Party Advisory
https://github.com/novnc/noVNC/issues/748PatchThird Party Advisory

FAQ

What is CVE-2017-18635?

CVE-2017-18635 is a vulnerability with a CVSS score of 6.1 (MEDIUM). An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as th...

How severe is CVE-2017-18635?

CVE-2017-18635 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-18635?

Check the references section above for vendor advisories and patch information. Affected products include: Novnc Novnc, Debian Debian Linux, Canonical Ubuntu Linux, Redhat Openstack.