Vulnerability Description
A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used in the body of the HTTP response for the documentation, which again makes it available to XSS.The greatest threat to the system is for confidentiality, integrity, and availability.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Ceph Storage | 4.0 |
Related Weaknesses (CWE)
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1950116Issue TrackingPatchVendor Advisory
- https://github.com/ceph/ceph/blob/f1557e8f62d31883d3d34ae241a1a26af11d923f/src/pExploitThird Party Advisory
- https://github.com/ceph/ceph/commit/7a1ca8d372da3b6a4fc3d221a0e5f72d1d61c27bPatchThird Party Advisory
- https://github.com/ceph/ceph/commit/adda853e64bdba1288d46bc7d462d23d8f2f10caPatchThird Party Advisory
- https://github.com/ceph/ceph/commit/af3fffab3b0f13057134d96e5d481e400d8bfd27PatchThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1950116Issue TrackingPatchVendor Advisory
- https://github.com/ceph/ceph/blob/f1557e8f62d31883d3d34ae241a1a26af11d923f/src/pExploitThird Party Advisory
- https://github.com/ceph/ceph/commit/7a1ca8d372da3b6a4fc3d221a0e5f72d1d61c27bPatchThird Party Advisory
- https://github.com/ceph/ceph/commit/adda853e64bdba1288d46bc7d462d23d8f2f10caPatchThird Party Advisory
- https://github.com/ceph/ceph/commit/af3fffab3b0f13057134d96e5d481e400d8bfd27PatchThird Party Advisory
FAQ
What is CVE-2021-3509?
CVE-2021-3509 is a vulnerability with a CVSS score of 6.1 (MEDIUM). A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. In response to CVE-2020-27839, the JWT token was moved from localStorage to an httpOnly cookie. However, token cookies are used ...
How severe is CVE-2021-3509?
CVE-2021-3509 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-3509?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Ceph Storage.