CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2019-10179 – pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab
https://notcve.org/view.php?id=CVE-2019-10179
A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code. Se detectó una vulnerabilidad en todas las versiones de pki-core 10.x.x, donde el Key Recovery Authority (KRA) Agent Service no saneó apropiadamente la página de búsqueda de petición de recuperación, permitiendo una vulnerabilidad de tipo Cross Site Scripting (XSS) Reflejado. Un atacante podría engañar a una víctima autenticada para que ejecute un código Javascript especialmente diseñado. It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10179 https://access.redhat.com/security/cve/CVE-2019-10179 https://bugzilla.redhat.com/show_bug.cgi?id=1695901 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2019-10221 – pki-core: Reflected XSS in getcookies?url= endpoint in CA
https://notcve.org/view.php?id=CVE-2019-10221
A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser. Se detectó una vulnerabilidad de tipo Cross Site Scripting Reflejado en todas las versiones de pki-core 10.x.x, en el módulo pki-ca del servidor pki-core. Este fallo es debido a la falta de saneamiento de los parámetros GET URL. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10221 https://access.redhat.com/security/cve/CVE-2019-10221 https://bugzilla.redhat.com/show_bug.cgi?id=1732565 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10178 – pki-core: stored Cross-site scripting (XSS) in the pki-tps web Activity tab
https://notcve.org/view.php?id=CVE-2019-10178
It was found that the Token Processing Service (TPS) did not properly sanitize the Token IDs from the "Activity" page, enabling a Stored Cross Site Scripting (XSS) vulnerability. An unauthenticated attacker could trick an authenticated victim into creating a specially crafted activity, which would execute arbitrary JavaScript code when viewed in a browser. All versions of pki-core are believed to be vulnerable. Se detectó que el Token Processing Service (TPS) no sanea apropiadamente los ID de Token de la página "Activity", permitiendo una vulnerabilidad de tipo Cross Site Scripting (XSS) Almacenado. Un atacante no autenticado podría engañar a una víctima autenticada para que cree una actividad especialmente diseñada, que ejecutaría código JavaScript arbitrario cuando es visualizada en un navegador. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10178 https://access.redhat.com/security/cve/CVE-2019-10178 https://bugzilla.redhat.com/show_bug.cgi?id=1719042 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2019-10146 – pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page
https://notcve.org/view.php?id=CVE-2019-10146
A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser. Se detectó un fallo de tipo Cross Site Scripting Reflejado en todos los módulos pki-core versiones 10.x.x del servidor pki-core debido a que el CA Agent Service no sanea apropiadamente la página de petición de certificado. Un atacante podría inyectar un valor especialmente diseñado que será ejecutado en el navegador de la víctima. A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10146 https://access.redhat.com/security/cve/CVE-2019-10146 https://bugzilla.redhat.com/show_bug.cgi?id=1710171 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1080 – pki-core: Mishandled ACL configuration in AAclAuthz.java reverses rules that allow and deny access
https://notcve.org/view.php?id=CVE-2018-1080
Dogtag PKI, through version 10.6.1, has a vulnerability in AAclAuthz.java that, under certain configurations, causes the application of ACL allow and deny rules to be reversed. If a server is configured to process allow rules before deny rules (authz.evaluateOrder=allow,deny), then allow rules will deny access and deny rules will grant access. This may result in an escalation of privileges or have other unintended consequences. Dogtag PKI, hasta la versión 10.6.1, tiene una vulnerabilidad en AAclAuthz.java que, bajo ciertas configuraciones, provoca que la aplicación de listas de control de acceso permita que las reglas allow y deny se reviertan. Si un servidor está configurado para procesar las reglas allow antes que las deny (authz.evaluateOrder=allow,deny), las reglas allow denegarán el acceso y las reglas deny lo permitirán. • https://access.redhat.com/errata/RHSA-2018:1979 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1080 https://pagure.io/freeipa/issue/7453 https://review.gerrithub.io/c/dogtagpki/pki/+/404435 https://access.redhat.com/security/cve/CVE-2018-1080 https://bugzilla.redhat.com/show_bug.cgi?id=1556657 • CWE-284: Improper Access Control •