Linux Distros Unpatched Vulnerability : CVE-2019-9834

🗓️ 25 Aug 2025 00:00:00Reported by TenableType

Unpatched Netdata CVE-2019-9834 allows HTML injection via snapshots; attacker can steal credentials.

Reporter	Title	Published	Views	Family All 11
CVE	CVE-2019-9834	15 Mar 201917:00	–	cve
Cvelist	CVE-2019-9834	15 Mar 201917:00	–	cvelist
Debian CVE	CVE-2019-9834	15 Mar 201917:00	–	debiancve
NVD	CVE-2019-9834	15 Mar 201917:29	–	nvd
OpenVAS	NetData <= 1.13.0 HTML Injection Vulnerability	28 Jun 201900:00	–	openvas
OSV	DEBIAN-CVE-2019-9834	15 Mar 201917:29	–	osv
OSV	UBUNTU-CVE-2019-9834	15 Mar 201917:29	–	osv
Prion	Design/Logic Flaw	15 Mar 201917:29	–	prion
Positive Technologies	PT-2019-19884 · Netdata +2 · Netdata +2	15 Mar 201900:00	–	ptsecurity
SUSE CVE	SUSE CVE-2019-9834	15 Feb 202304:14	–	susecve

Source	Link
security-tracker	www.security-tracker.debian.org/tracker/CVE-2019-9834
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(254827);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/08/25");

  script_cve_id("CVE-2019-9834");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2019-9834");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - The Netdata web application through 1.13.0 allows remote attackers to inject their own malicious HTML code
    into an imported snapshot, aka HTML Injection. Successful exploitation will allow attacker-supplied HTML
    to run in the context of the affected browser, potentially allowing the attacker to steal authentication
    credentials or to control how the site is rendered to the user. NOTE: the vendor disputes the risk because
    there is a clear warning next to the button for importing a snapshot (CVE-2019-9834)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2019-9834");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-9834");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/25");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:12.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:netdata");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Debian Linux-11", "Host/OS/Debian Linux-12");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Debian Linux-12": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "12",
        "pkgs": [
          {"reference": "netdata"},
          {"reference": "netdata-apache2"},
          {"reference": "netdata-core"},
          {"reference": "netdata-core-no-sse"},
          {"reference": "netdata-plugins-bash"},
          {"reference": "netdata-plugins-python"},
          {"reference": "netdata-web"}
        ]
      }
    ]
  },
  "Debian Linux-11": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "11",
        "pkgs": [
          {"reference": "netdata"},
          {"reference": "netdata-apache2"},
          {"reference": "netdata-core"},
          {"reference": "netdata-core-no-sse"},
          {"reference": "netdata-plugins-bash"},
          {"reference": "netdata-plugins-nodejs"},
          {"reference": "netdata-plugins-python"},
          {"reference": "netdata-web"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

25 Aug 2025 00:00Current

6.2Medium risk

Vulners AI Score6.2

CVSS 24.3

CVSS 36.1

EPSS0.07851