CVE-2017-18635
Published: 25 September 2019
An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.
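The defect class described above, as an added illustration that is not noVNC's own code: a status line that concatenates the server-reported name into markup, beside the two usual mitigations (escaping before an HTML sink, or using a text-only sink). The function names and the sample server name are constructed for this example.

```javascript
// Added example, not code from noVNC. The status field receives text that
// originates from the remote VNC server (for instance the server name sent
// during connection setup); treating that text as HTML lets the server
// inject markup into the client's page.

// Constructed sample: a server name carrying markup and an event handler.
const UNTRUSTED_SERVER_NAME = 'lab-vm <img src=x onerror="alert(1)">';

// Vulnerable pattern: the untrusted value is spliced into a string that is
// later assigned to an HTML sink such as innerHTML, so it is parsed as markup.
function renderStatusUnsafe(serverName) {
  return '<span class="status">Connected to ' + serverName + '</span>';
}

// Mitigation 1: escape the HTML-significant characters before the value
// reaches any HTML sink.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  })[ch]);
}

function renderStatusSafe(serverName) {
  return '<span class="status">Connected to ' + escapeHtml(serverName) + '</span>';
}

// Mitigation 2 (preferred in a browser): do not build HTML from the value at
// all; write it through a text-only sink such as Node.textContent. A plain
// object stands in for the DOM element so this runs outside a browser.
function setStatusText(statusEl, serverName) {
  statusEl.textContent = 'Connected to ' + serverName; // never parsed as HTML
  return statusEl.textContent;
}

// Review/detection helper: does rendered markup still contain a tag that
// came from the untrusted value?
function containsInjectedTag(html) {
  return /<img\b/i.test(html);
}
```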
Status
Package | Release | Status |
---|---|---|
novnc (Launchpad, Ubuntu, Debian) | impish | Not vulnerable (code not present) |
novnc | hirsute | Not vulnerable (code not present) |
novnc | bionic | Needed |
novnc | disco | Not vulnerable (code not present) |
novnc | eoan | Not vulnerable (code not present) |
novnc | focal | Not vulnerable (code not present) |
novnc | groovy | Not vulnerable (code not present) |
novnc | trusty | Does not exist |
novnc | upstream | Needs triage |
novnc | xenial | Released (1:0.4+dfsg+1+20131010+gitf68af8af3d-4+deb8u1build0.16.04.1) |
novnc | lunar | Not vulnerable (code not present) |
novnc | jammy | Not vulnerable (code not present) |
novnc | kinetic | Not vulnerable (code not present) |
novnc | mantic | Not vulnerable (code not present) |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 6.1 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | Required |
Scope | Changed |
Confidentiality | Low |
Integrity impact | Low |
Availability impact | None |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18635
- https://bugs.launchpad.net/horizon/+bug/1656435
- https://github.com/novnc/noVNC/commit/6048299a138e078aed210f163111698c8c526a13#diff-286f7dc7b881e942e97cd50c10898f03L534
- https://github.com/novnc/noVNC/issues/748
- https://github.com/novnc/noVNC/releases/tag/v0.6.2
- https://ubuntu.com/security/notices/USN-4522-1
- NVD
- Launchpad
- Debian