CVE-2015-3983

pcs: improper web session variable signing

Severity Score

4.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. NOTE: this issue was SPLIT from CVE-2015-1848 per ADT2 due to different vulnerability types.

El demonio pcs (pcsd) en PCS 0.9.137 y anteriores no incluye el indicador HTTPOnly en una cabecera Set-Cookie, lo que facilita a atacantes remotos obtener información potencialmente sensible a través de acceso de secuencias de comandos a esta cookie. NOTA: este problema fue separado (SPLIT) de la CVE-2015-1848 por ADT2 debido a diferentes tipos de vulnerabilidad.

It was found that the pcs daemon did not sign cookies containing session data that were sent to clients connecting via the pcsd web UI. A remote attacker could use this flaw to forge cookies and bypass authorization checks, possibly gaining elevated privileges in the pcsd web UI.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-05-13 CVE Reserved
2015-05-14 CVE Published
2023-03-07 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-310: Cryptographic Issues
CWE-347: Improper Verification of Cryptographic Signature

CAPEC

References (9)

URL	Tag	Source
http://www.securityfocus.com/bid/74682	Vdb Entry
https://bugzilla.redhat.com/attachment.cgi?id=1009855	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159374.html	2016-12-31
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159401.html	2016-12-31
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159412.html	2016-12-31
http://rhn.redhat.com/errata/RHSA-2015-0980.html	2016-12-31
http://rhn.redhat.com/errata/RHSA-2015-0990.html	2016-12-31
https://access.redhat.com/security/cve/CVE-2015-3983	2015-05-12
https://bugzilla.redhat.com/show_bug.cgi?id=1208294	2015-05-12

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Fedora Search vendor "Fedora"		Pacemaker Configuration System Search vendor "Fedora" for product "Pacemaker Configuration System"				<= 0.9.137 Search vendor "Fedora" for product "Pacemaker Configuration System" and version " <= 0.9.137"		-		Affected