CVE-2014-3473
openstack-horizon: multiple XSS flaws
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in the Horizon Orchestration dashboard in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2, when used with Heat, allows remote Orchestration template owners or catalogs to inject arbitrary web script or HTML via a crafted template.
Vulnerabilidad de XSS en la sección Orchestration/Stack en el cuadro de mandos Horizon Orchestration en OpenStack Dashboard (Horizon) anterior a 2013.2.4, 2014.1 anterior a 2014.1.2, y Juno anterior a Juno-2, cuando utilizado con Heat, permite a dueños o catálogos de plantillas Orchestration inyectar secuencias de comandos web o HTML arbitrarios a través de una plantilla manipulada.
Jason Hullinger discovered that OpenStack Horizon did not properly perform input sanitization on Heat templates. If a user were tricked into using a specially crafted Heat template, an attacker could conduct cross-site scripting attacks. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. Craig Lorentzen discovered that OpenStack Horizon did not properly perform input sanitization when creating networks. If a user were tricked into launching an image using the crafted network name, an attacker could conduct cross-site scripting attacks. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-05-14 CVE Reserved
- 2014-07-24 CVE Published
- 2024-08-06 CVE Updated
- 2025-04-04 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/68459 | Third Party Advisory | |
| https://bugs.launchpad.net/horizon/+bug/1308727 | Issue Tracking |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2014/07/08/6 | 2023-02-13 |
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html | 2023-02-13 | |
| https://access.redhat.com/security/cve/CVE-2014-3473 | 2014-09-15 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1116090 | 2014-09-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Openstack Search vendor "Openstack" | Horizon Search vendor "Openstack" for product "Horizon" | >= 2013.2 < 2013.2.4 Search vendor "Openstack" for product "Horizon" and version " >= 2013.2 < 2013.2.4" | - |
Affected
| ||||||
| Openstack Search vendor "Openstack" | Horizon Search vendor "Openstack" for product "Horizon" | >= 2014.1 < 2014.1.2 Search vendor "Openstack" for product "Horizon" and version " >= 2014.1 < 2014.1.2" | - |
Affected
| ||||||
| Openstack Search vendor "Openstack" | Horizon Search vendor "Openstack" for product "Horizon" | juno-1 Search vendor "Openstack" for product "Horizon" and version "juno-1" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.1 Search vendor "Opensuse" for product "Opensuse" and version "13.1" | - |
Affected
| ||||||