Lucene search

GoogleOSV:CVE-2023-45279

HistoryOct 19, 2023 - 10:15 p.m.

CVE-2023-45279

2023-10-1922:15:09

Google

osv.dev

yamcs 5.8.6

xss vulnerability

bucket storage

javascript file

telemetry menu

software

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

6.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.0%

JSON

Yamcs 5.8.6 allows XSS (issue 1 of 2). It comes with a Bucket as its primary storage mechanism. Buckets allow for the upload of any file. There’s a way to upload a display referencing a malicious JavaScript file to the bucket. The user can then open the uploaded display by selecting Telemetry from the menu and navigating to the display.

CPENameOperatorVersion
yamcseqyamcs-5.7.4
yamcseqyamcs-5.7.9
yamcseqyamcs-4.0.1
yamcseqyamcs-5.5.1
yamcseqyamcs-4.6.1
yamcseqyamcs-5.7.0
yamcseq0.28.0-20150824
yamcseq0.27.1
yamcseqyamcs-3.1.2
yamcseqyamcs-5.5.7

Name	Operator	Version
yamcs	eq	yamcs-5.7.4
yamcs	eq	yamcs-5.7.9
yamcs	eq	yamcs-4.0.1
yamcs	eq	yamcs-5.5.1
yamcs	eq	yamcs-4.6.1
yamcs	eq	yamcs-5.7.0
yamcs	eq	0.28.0-20150824
yamcs	eq	0.27.1
yamcs	eq	yamcs-3.1.2
yamcs	eq	yamcs-5.5.7

Rows per page:

1-10 of 1251

References

github.com/yamcs/yamcs/compare/yamcs-5.8.6...yamcs-5.8.7

www.linkedin.com/pulse/yamcs-vulnerability-assessment-visionspace-technologies