{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-41808", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-07-22T13:57:37.135Z", "datePublished": "2024-07-25T20:10:04.248Z", "dateUpdated": "2024-08-02T04:46:52.985Z"}, "containers": {"cna": {"title": "OpenObserve stored XSS vulnerability may lead to complete account takeover", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/openobserve/openobserve/security/advisories/GHSA-hx23-g7m8-h76j", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/openobserve/openobserve/security/advisories/GHSA-hx23-g7m8-h76j"}], "affected": [{"vendor": "openobserve", "product": "openobserve", "versions": [{"version": "<= 0.9.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-25T20:10:04.248Z"}, "descriptions": [{"lang": "en", "value": "The OpenObserve open-source observability platform provides the ability to filter logs in a dashboard by the values uploaded in a given log. However, all versions of the platform through 0.9.1 do not sanitize user input in the filter selection menu, which may result in complete account takeover. It has been noted that the front-end uses `DOMPurify` or Vue templating to escape cross-site scripting (XSS) extensively, however certain areas of the front end lack this XSS protection. When combining the missing protection with the insecure authentication handling that the front-end uses, a malicious user may be able to take over any victim's account provided they meet the exploitation steps. As of time of publication, no patched version is available."}], "source": {"advisory": "GHSA-hx23-g7m8-h76j", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "openobserve", "product": "openobserve", "cpes": ["cpe:2.3:a:openobserve:openobserve:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "0.9.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-26T13:59:35.577599Z", "id": "CVE-2024-41808", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-26T14:00:19.978Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:46:52.985Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/openobserve/openobserve/security/advisories/GHSA-hx23-g7m8-h76j", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/openobserve/openobserve/security/advisories/GHSA-hx23-g7m8-h76j"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/openobserve/openobserve/security/advisories/GHSA-hx23-g7m8-h76j", "name": "https://github.com/openobserve/openobserve/security/advisories/GHSA-hx23-g7m8-h76j", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:46:52.985Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41808", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-26T13:59:35.577599Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:openobserve:openobserve:*:*:*:*:*:*:*:*"], "vendor": "openobserve", "product": "openobserve", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "0.9.1"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-26T14:00:15.611Z"}}], "cna": {"title": "OpenObserve stored XSS vulnerability may lead to complete account takeover", "source": {"advisory": "GHSA-hx23-g7m8-h76j", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "openobserve", "product": "openobserve", "versions": [{"status": "affected", "version": "<= 0.9.1"}]}], "references": [{"url": "https://github.com/openobserve/openobserve/security/advisories/GHSA-hx23-g7m8-h76j", "name": "https://github.com/openobserve/openobserve/security/advisories/GHSA-hx23-g7m8-h76j", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "The OpenObserve open-source observability platform provides the ability to filter logs in a dashboard by the values uploaded in a given log. However, all versions of the platform through 0.9.1 do not sanitize user input in the filter selection menu, which may result in complete account takeover. It has been noted that the front-end uses `DOMPurify` or Vue templating to escape cross-site scripting (XSS) extensively, however certain areas of the front end lack this XSS protection. When combining the missing protection with the insecure authentication handling that the front-end uses, a malicious user may be able to take over any victim's account provided they meet the exploitation steps. As of time of publication, no patched version is available."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-07-25T20:10:04.248Z"}}}, "cveMetadata": {"cveId": "CVE-2024-41808", "state": "PUBLISHED", "dateUpdated": "2024-08-02T04:46:52.985Z", "dateReserved": "2024-07-22T13:57:37.135Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-07-25T20:10:04.248Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openobserve:openobserve:*:*:*:*:*:*:*:*", "matchCriteriaId": "B19834C1-B457-44B3-90C0-141BF51DAEF8", "versionEndIncluding": "0.9.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The OpenObserve open-source observability platform provides the ability to filter logs in a dashboard by the values uploaded in a given log. However, all versions of the platform through 0.9.1 do not sanitize user input in the filter selection menu, which may result in complete account takeover. It has been noted that the front-end uses `DOMPurify` or Vue templating to escape cross-site scripting (XSS) extensively, however certain areas of the front end lack this XSS protection. When combining the missing protection with the insecure authentication handling that the front-end uses, a malicious user may be able to take over any victim's account provided they meet the exploitation steps. As of time of publication, no patched version is available."}, {"lang": "es", "value": "La plataforma de observabilidad de c\u00f3digo abierto OpenObserve brinda la capacidad de filtrar registros en un panel por los valores cargados en un registro determinado. Sin embargo, todas las versiones de la plataforma hasta la 0.9.1 no sanitizan la entrada del usuario en el men\u00fa de selecci\u00f3n de filtros, lo que puede resultar en una apropiaci\u00f3n total de la cuenta. Se ha observado que el front-end utiliza `DOMPurify` o plantillas Vue para escapar ampliamente del cross-site scripting (XSS), sin embargo, ciertas \u00e1reas del front-end carecen de esta protecci\u00f3n XSS. Al combinar la protecci\u00f3n faltante con el manejo de autenticaci\u00f3n inseguro que utiliza el front-end, un usuario malintencionado puede hacerse cargo de la cuenta de cualquier v\u00edctima siempre que cumpla con los pasos de explotaci\u00f3n. Al momento de la publicaci\u00f3n, no hay ninguna versi\u00f3n parcheada disponible."}], "id": "CVE-2024-41808", "lastModified": "2024-11-21T09:33:06.860", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-25T20:15:05.153", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://github.com/openobserve/openobserve/security/advisories/GHSA-hx23-g7m8-h76j"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://github.com/openobserve/openobserve/security/advisories/GHSA-hx23-g7m8-h76j"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}