CVE-2017-1002201 - OpenCVE

In haml versions prior to version 5.0.0.beta.2, when using user input to perform tasks on the server, characters like < > " ' must be escaped properly. In this case, the ' character was missed. An attacker can manipulate the input to introduce additional attributes, potentially executing code.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Haml	Haml

Configuration 1 [-]

cpe:2.3:a:haml:haml:*:*:*:*:*:ruby:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

No data.

References

Link	Providers
https://github.com/haml/haml/commit/18576ae6e9bdcb4303fdbe6b3199869d289d67c2
https://lists.debian.org/debian-lts-announce/2019/11/msg00007.html
https://lists.debian.org/debian-lts-announce/2021/12/msg00028.html
https://security.gentoo.org/glsa/202007-27
https://snyk.io/vuln/SNYK-RUBY-HAML-20362

History

No history.

MITRE

Status: PUBLISHED

Assigner: dwf

Published: 2019-10-15T17:35:57

Updated: 2024-08-05T22:08:11.499Z

Reserved: 2019-10-15T00:00:00

Link: CVE-2017-1002201

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-10-15T18:15:10.560

Modified: 2022-04-05T20:53:33.597

Link: CVE-2017-1002201

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "haml", "vendor": "http://haml.info/", "versions": [{"status": "affected", "version": "All versions prior to version 5.0.0.beta.2"}]}], "descriptions": [{"lang": "en", "value": "In haml versions prior to version 5.0.0.beta.2, when using user input to perform tasks on the server, characters like < > \" ' must be escaped properly. In this case, the ' character was missed. An attacker can manipulate the input to introduce additional attributes, potentially executing code."}], "problemTypes": [{"descriptions": [{"description": "Cross-site Scripting (XSS)", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-12-29T14:06:09", "orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "shortName": "dwf"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/haml/haml/commit/18576ae6e9bdcb4303fdbe6b3199869d289d67c2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://snyk.io/vuln/SNYK-RUBY-HAML-20362"}, {"name": "[debian-lts-announce] 20191110 [SECURITY] [DLA 1986-1] ruby-haml security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00007.html"}, {"name": "GLSA-202007-27", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202007-27"}, {"name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2864-1] ruby-haml security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00028.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2017-1002201", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "haml", "version": {"version_data": [{"version_value": "All versions prior to version 5.0.0.beta.2"}]}}]}, "vendor_name": "http://haml.info/"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In haml versions prior to version 5.0.0.beta.2, when using user input to perform tasks on the server, characters like < > \" ' must be escaped properly. In this case, the ' character was missed. An attacker can manipulate the input to introduce additional attributes, potentially executing code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cross-site Scripting (XSS)"}]}]}, "references": {"reference_data": [{"name": "https://github.com/haml/haml/commit/18576ae6e9bdcb4303fdbe6b3199869d289d67c2", "refsource": "MISC", "url": "https://github.com/haml/haml/commit/18576ae6e9bdcb4303fdbe6b3199869d289d67c2"}, {"name": "https://snyk.io/vuln/SNYK-RUBY-HAML-20362", "refsource": "CONFIRM", "url": "https://snyk.io/vuln/SNYK-RUBY-HAML-20362"}, {"name": "[debian-lts-announce] 20191110 [SECURITY] [DLA 1986-1] ruby-haml security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00007.html"}, {"name": "GLSA-202007-27", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202007-27"}, {"name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2864-1] ruby-haml security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00028.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:08:11.499Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/haml/haml/commit/18576ae6e9bdcb4303fdbe6b3199869d289d67c2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://snyk.io/vuln/SNYK-RUBY-HAML-20362"}, {"name": "[debian-lts-announce] 20191110 [SECURITY] [DLA 1986-1] ruby-haml security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00007.html"}, {"name": "GLSA-202007-27", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202007-27"}, {"name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2864-1] ruby-haml security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00028.html"}]}]}, "cveMetadata": {"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "assignerShortName": "dwf", "cveId": "CVE-2017-1002201", "datePublished": "2019-10-15T17:35:57", "dateReserved": "2019-10-15T00:00:00", "dateUpdated": "2024-08-05T22:08:11.499Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:haml:haml:*:*:*:*:*:ruby:*:*", "matchCriteriaId": "BD7B8475-41D4-4A62-91BB-99A105EBA4F2", "versionEndExcluding": "5.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In haml versions prior to version 5.0.0.beta.2, when using user input to perform tasks on the server, characters like < > \" ' must be escaped properly. In this case, the ' character was missed. An attacker can manipulate the input to introduce additional attributes, potentially executing code."}, {"lang": "es", "value": "En haml versiones anteriores a la versi\u00f3n 5.0.0.beta.2, cuando se usa la entrada del usuario para realizar tareas en el servidor, los caracteres como ( ) \" ' necesitan escaparse apropiadamente. En este caso, el car\u00e1cter ' se perdi\u00f3. Un atacante puede manipular la entrada para introducir atributos adicionales, ejecutando potencialmente c\u00f3digo."}], "id": "CVE-2017-1002201", "lastModified": "2022-04-05T20:53:33.597", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-15T18:15:10.560", "references": [{"source": "josh@bress.net", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/haml/haml/commit/18576ae6e9bdcb4303fdbe6b3199869d289d67c2"}, {"source": "josh@bress.net", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00007.html"}, {"source": "josh@bress.net", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00028.html"}, {"source": "josh@bress.net", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202007-27"}, {"source": "josh@bress.net", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://snyk.io/vuln/SNYK-RUBY-HAML-20362"}], "sourceIdentifier": "josh@bress.net", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}