CVE-2021-42357 - Vulnerability Details - OpenCVE

When using Apache Knox SSO prior to 1.6.1, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. A request that included a specially crafted request parameter could be used to redirect the user to a page controlled by an attacker. This URL would need to be presented to the user outside the normal request flow through a XSS or phishing campaign.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.15929.

Key SSVC decision points have not yet been added.

Vendors	Products
Apache Subscribe	Knox Subscribe

Configuration 1 [-]

cpe:2.3:a:apache:knox:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
Github GHSA	GHSA-vv38-4xcj-q4rw	Cross-site Scripting in Apache Knox SSO

Fixes

Solution

No solution given by the vendor.

Workaround

1.x users should upgrade to 1.6.1. Unsupported versions of the 0.x line that include this issue are: 0.13.0, 0.14.0. and these should upgrade to 1.6.1 as well. 1.0.0 and 1.1.0 are also Unsupported but affected and should upgrade to 1.6.1.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2022/01/17/2
https://lists.apache.org/thread/b7v5dkpyqb51nw0lvz4cybhgrfhk1g7j

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2022-01-17T19:25:09

Updated: 2024-08-04T03:30:38.347Z

Reserved: 2021-10-14T00:00:00

Link: CVE-2021-42357

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-01-17T20:15:07.697

Modified: 2024-11-21T06:27:39.103

Link: CVE-2021-42357

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-79

{"containers": {"cna": {"affected": [{"product": "Apache Knox", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "1.6.1", "status": "affected", "version": "Apache Knox 1.x", "versionType": "custom"}, {"lessThan": "Apache Knox 0.x*", "status": "affected", "version": "0.12.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Apache Knox would like to thank Kajetan Rostojek for this report"}], "descriptions": [{"lang": "en", "value": "When using Apache Knox SSO prior to 1.6.1, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. A request that included a specially crafted request parameter could be used to redirect the user to a page controlled by an attacker. This URL would need to be presented to the user outside the normal request flow through a XSS or phishing campaign."}], "metrics": [{"other": {"content": {"other": "moderate"}, "type": "unknown"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-01-17T21:06:09", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://lists.apache.org/thread/b7v5dkpyqb51nw0lvz4cybhgrfhk1g7j"}, {"name": "[oss-security] 20220117 CVE-2021-42357: DOM based XSS Vulnerability in Apache Knox", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2022/01/17/2"}], "source": {"discovery": "UNKNOWN"}, "title": "DOM based XSS Vulnerability in Apache Knox", "workarounds": [{"lang": "en", "value": "1.x users should upgrade to 1.6.1.\nUnsupported versions of the 0.x line that include this issue are: 0.13.0, 0.14.0.\nand these should upgrade to 1.6.1 as well.\n1.0.0 and 1.1.0 are also Unsupported but affected and should upgrade to 1.6.1.\n"}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2021-42357", "STATE": "PUBLIC", "TITLE": "DOM based XSS Vulnerability in Apache Knox"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Knox", "version": {"version_data": [{"version_affected": "<", "version_name": "Apache Knox 1.x", "version_value": "1.6.1"}, {"version_affected": ">", "version_name": "Apache Knox 0.x", "version_value": "0.12.0"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "credit": [{"lang": "eng", "value": "Apache Knox would like to thank Kajetan Rostojek for this report"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "When using Apache Knox SSO prior to 1.6.1, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. A request that included a specially crafted request parameter could be used to redirect the user to a page controlled by an attacker. This URL would need to be presented to the user outside the normal request flow through a XSS or phishing campaign."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": [{"other": "moderate"}], "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}]}, "references": {"reference_data": [{"name": "https://lists.apache.org/thread/b7v5dkpyqb51nw0lvz4cybhgrfhk1g7j", "refsource": "MISC", "url": "https://lists.apache.org/thread/b7v5dkpyqb51nw0lvz4cybhgrfhk1g7j"}, {"name": "[oss-security] 20220117 CVE-2021-42357: DOM based XSS Vulnerability in Apache Knox", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/01/17/2"}]}, "source": {"discovery": "UNKNOWN"}, "work_around": [{"lang": "en", "value": "1.x users should upgrade to 1.6.1.\nUnsupported versions of the 0.x line that include this issue are: 0.13.0, 0.14.0.\nand these should upgrade to 1.6.1 as well.\n1.0.0 and 1.1.0 are also Unsupported but affected and should upgrade to 1.6.1.\n"}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T03:30:38.347Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://lists.apache.org/thread/b7v5dkpyqb51nw0lvz4cybhgrfhk1g7j"}, {"name": "[oss-security] 20220117 CVE-2021-42357: DOM based XSS Vulnerability in Apache Knox", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/01/17/2"}]}]}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2021-42357", "datePublished": "2022-01-17T19:25:09", "dateReserved": "2021-10-14T00:00:00", "dateUpdated": "2024-08-04T03:30:38.347Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:knox:*:*:*:*:*:*:*:*", "matchCriteriaId": "D1DE53D2-9049-4622-BB80-9640BB120575", "versionEndExcluding": "1.6.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "When using Apache Knox SSO prior to 1.6.1, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. A request that included a specially crafted request parameter could be used to redirect the user to a page controlled by an attacker. This URL would need to be presented to the user outside the normal request flow through a XSS or phishing campaign."}, {"lang": "es", "value": "Cuando era usado Apache Knox SSO versiones anteriores a 1.6.1, una petici\u00f3n pod\u00eda ser dise\u00f1ada para redirigir a un usuario a una p\u00e1gina maliciosa debido a un an\u00e1lisis incorrecto de la URL. Una petici\u00f3n que incluyera un par\u00e1metro de petici\u00f3n especialmente dise\u00f1ado podr\u00eda ser usada para redirigir al usuario a una p\u00e1gina controlada por un atacante. Esta URL tendr\u00eda que ser presentada al usuario fuera del flujo normal de peticiones mediante una campa\u00f1a de tipo XSS o phishing"}], "id": "CVE-2021-42357", "lastModified": "2024-11-21T06:27:39.103", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-01-17T20:15:07.697", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/01/17/2"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/b7v5dkpyqb51nw0lvz4cybhgrfhk1g7j"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/01/17/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/b7v5dkpyqb51nw0lvz4cybhgrfhk1g7j"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@apache.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}