CVE-2023-6146 - Vulnerability Details - OpenCVE

A Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. This vulnerability allowed a user with login access to the application to introduce XSS payload via browser details.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0055.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Qualys

Qualysguard

unaffected

Version	Status	Constraints
	affected	< 10.24.0.0

Configuration 1 [-]

cpe:2.3:a:qualys:private_cloud_platform:*:*:*:*:*:*:*:*

No data.

No data.

Subscriptions

Vendors	Products
Qualys Subscribe	Private Cloud Platform Subscribe

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2023-58400	A Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. This vulnerability allowed a user with login access to the application to introduce XSS payload via browser details.

Fixes

Solution

Customers should upgrade Qualys Private Cloud Platform to a minimum version of 10.24.0.0. For customer on Qualys Shared Cloud no actions are necessary.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.qualys.com/security-advisories/

History

Wed, 09 Oct 2024 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Qualys

Published: 2023-12-08T14:21:56.577Z

Updated: 2024-10-09T13:48:40.807Z

Reserved: 2023-11-15T10:10:22.335Z

Link: CVE-2023-6146

Vulnrichment

Updated: 2024-08-02T08:21:17.584Z

NVD

Status : Modified

Published: 2023-12-08T15:15:08.037

Modified: 2024-11-21T08:43:14.670

Link: CVE-2023-6146

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-79

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6146", "assignerOrgId": "8a309ac4-d8c7-4735-9c1d-ca39c5dfbcda", "state": "PUBLISHED", "assignerShortName": "Qualys", "dateReserved": "2023-11-15T10:10:22.335Z", "datePublished": "2023-12-08T14:21:56.577Z", "dateUpdated": "2024-10-09T13:48:40.807Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["PCP"], "product": "Qualysguard", "vendor": "Qualys", "versions": [{"lessThan": " 10.24.0.0", "status": "affected", "version": " ", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Frank Cozijnsen of the KPN REDteam "}], "datePublic": "2023-12-08T14:02:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. T</span><span style=\"background-color: rgb(255, 255, 255);\">his vulnerability allowed a user with login access to the application to introduce XSS payload via browser details.</span><span style=\"background-color: rgb(255, 255, 255);\"> </span>\n\n"}], "value": "\nA Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. This vulnerability allowed a user with login access to the application to introduce XSS payload via browser details.\u00a0\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8a309ac4-d8c7-4735-9c1d-ca39c5dfbcda", "shortName": "Qualys", "dateUpdated": "2023-12-08T14:21:56.577Z"}, "references": [{"url": "https://www.qualys.com/security-advisories/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Customers should upgrade Qualys Private Cloud Platform to a minimum version of 10.24.0.0.</span><span style=\"background-color: rgb(255, 255, 255);\"> For customer on Qualys Shared Cloud no actions are necessary.</span><br>"}], "value": "\nCustomers should upgrade Qualys Private Cloud Platform to a minimum version of 10.24.0.0.\u00a0For customer on Qualys Shared Cloud no actions are necessary.\n"}], "source": {"discovery": "EXTERNAL"}, "title": "Stored XSS Vulnerability in QualysGuard VM/PC ", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:21:17.584Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.qualys.com/security-advisories/", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2023-12-08T16:13:24.604436Z", "id": "CVE-2023-6146", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-09T13:48:40.807Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.qualys.com/security-advisories/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:21:17.584Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6146", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2023-12-08T16:13:24.604436Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-09T13:48:30.581Z"}}], "cna": {"title": "Stored XSS Vulnerability in QualysGuard VM/PC ", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Frank Cozijnsen of the KPN REDteam "}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Qualys", "product": "Qualysguard", "versions": [{"status": "affected", "version": " ", "lessThan": " 10.24.0.0", "versionType": "custom"}], "platforms": ["PCP"], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "\nCustomers should upgrade Qualys Private Cloud Platform to a minimum version of 10.24.0.0.\u00a0For customer on Qualys Shared Cloud no actions are necessary.\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">Customers should upgrade Qualys Private Cloud Platform to a minimum version of 10.24.0.0.</span><span style=\"background-color: rgb(255, 255, 255);\"> For customer on Qualys Shared Cloud no actions are necessary.</span><br>", "base64": false}]}], "datePublic": "2023-12-08T14:02:00.000Z", "references": [{"url": "https://www.qualys.com/security-advisories/"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nA Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. This vulnerability allowed a user with login access to the application to introduce XSS payload via browser details.\u00a0\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">A Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. T</span><span style=\"background-color: rgb(255, 255, 255);\">his vulnerability allowed a user with login access to the application to introduce XSS payload via browser details.</span><span style=\"background-color: rgb(255, 255, 255);\"> </span>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "8a309ac4-d8c7-4735-9c1d-ca39c5dfbcda", "shortName": "Qualys", "dateUpdated": "2023-12-08T14:21:56.577Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6146", "state": "PUBLISHED", "dateUpdated": "2024-10-09T13:48:40.807Z", "dateReserved": "2023-11-15T10:10:22.335Z", "assignerOrgId": "8a309ac4-d8c7-4735-9c1d-ca39c5dfbcda", "datePublished": "2023-12-08T14:21:56.577Z", "assignerShortName": "Qualys"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qualys:private_cloud_platform:*:*:*:*:*:*:*:*", "matchCriteriaId": "8592CBEB-FE44-4413-BC06-182BC622C87C", "versionEndExcluding": "10.24.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "\nA Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. This vulnerability allowed a user with login access to the application to introduce XSS payload via browser details.\u00a0\n\n"}, {"lang": "es", "value": "Se descubri\u00f3 que una aplicaci\u00f3n web Qualys ten\u00eda una vulnerabilidad XSS almacenada resultante de la ausencia de codificaci\u00f3n HTML en la presentaci\u00f3n de la informaci\u00f3n de registro a los usuarios. Esta vulnerabilidad permiti\u00f3 a un usuario con acceso a la aplicaci\u00f3n introducir el payload XSS a trav\u00e9s de los detalles del navegador."}], "id": "CVE-2023-6146", "lastModified": "2024-11-21T08:43:14.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 3.6, "source": "bugreport@qualys.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-08T15:15:08.037", "references": [{"source": "bugreport@qualys.com", "tags": ["Vendor Advisory"], "url": "https://www.qualys.com/security-advisories/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.qualys.com/security-advisories/"}], "sourceIdentifier": "bugreport@qualys.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "bugreport@qualys.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}