CVE-2023-0214 - OpenCVE

A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Trellix	Skyhigh Secure Web Gateway

Configuration 1 [-]

OR	cpe:2.3:a:trellix:skyhigh_secure_web_gateway::::::::
	cpe:2.3:a:trellix:skyhigh_secure_web_gateway::::::::
	cpe:2.3:a:trellix:skyhigh_secure_web_gateway:12.0.0:::::::*

No data.

References

Link	Providers
https://kcm.trellix.com/corporate/index?page=content&id=SB10393

History

No history.

MITRE

Status: PUBLISHED

Assigner: trellix

Published: 2023-01-18T10:49:16.055Z

Updated: 2024-08-02T05:02:43.962Z

Reserved: 2023-01-11T11:16:42.326Z

Link: CVE-2023-0214

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-01-18T11:15:10.450

Modified: 2023-11-07T03:59:51.737

Link: CVE-2023-0214

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-0214", "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "state": "PUBLISHED", "assignerShortName": "trellix", "dateReserved": "2023-01-11T11:16:42.326Z", "datePublished": "2023-01-18T10:49:16.055Z", "dateUpdated": "2024-08-02T05:02:43.962Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Secure Web Gateway (SWG)", "vendor": "Skyhigh Security", "versions": [{"lessThan": "11.2.6", "status": "affected", "version": "11.x", "versionType": "custom"}, {"lessThan": "10.2.17", "status": "affected", "version": "10.x", "versionType": "custom"}, {"lessThan": "12.0.1", "status": "affected", "version": "12.x", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "RedTeam Pentesting GmbH"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG.</span><br><br>"}], "value": "A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG.\n\n"}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\t", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "shortName": "trellix", "dateUpdated": "2023-01-18T10:49:16.055Z"}, "references": [{"url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10393"}], "source": {"discovery": "EXTERNAL"}, "title": "XSS in Skyhigh Security SWG", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:02:43.962Z"}, "title": "CVE Program Container", "references": [{"url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10393", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trellix:skyhigh_secure_web_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "6FB99F4A-1462-4F6A-961B-03A95E467A3A", "versionEndExcluding": "10.2.17", "versionStartIncluding": "10.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:trellix:skyhigh_secure_web_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "4488FDBC-6521-42BE-AC38-7B8030835525", "versionEndExcluding": "11.2.6", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:trellix:skyhigh_secure_web_gateway:12.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "52ABF6E4-6DF0-4C89-8E27-68E62F720594", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG.\n\n"}, {"lang": "es", "value": "Una vulnerabilidad de cross site scripting en Skyhigh SWG en las versiones principales desde la 11.x a la 11.2.6, 10.x a la 10.2.17 y la versi\u00f3n controlada 12.x a la 12.0.1 permite a un atacante remoto crear solicitudes internas SWG con rutas URL a cualquier sitio web de terceros, lo que provoca que se inyecte contenido arbitrario en la respuesta cuando se accede a trav\u00e9s de SWG."}], "id": "CVE-2023-0214", "lastModified": "2023-11-07T03:59:51.737", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "trellixpsirt@trellix.com", "type": "Secondary"}]}, "published": "2023-01-18T11:15:10.450", "references": [{"source": "trellixpsirt@trellix.com", "tags": ["Vendor Advisory"], "url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10393"}], "sourceIdentifier": "trellixpsirt@trellix.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "trellixpsirt@trellix.com", "type": "Secondary"}]}