Security advisory.
Stored XSS Vulnerability in QualysGuard VM/PC [CVE-2023-6146]
| Affected Product: | Qualys Private Cloud Platform (PCP) |
| Advisory ID: | Q-PVD-2023-08 |
| CVE ID: | CVE-2023-6146 |
| Published: | 2023-11-16 |
| CWE: | CWE-79 |
Risk Factor
| NVD Risk Rating | Qualys Risk Rating | |
| CVSSv3.1 Score | TBD | 5.7 |
| CVSSv3.1 Vector (Base) | TBD | AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N |
Description
A Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. This vulnerability allowed a user with login access to the application to introduce XSS payload via browser details.
Solution
Customers should upgrade Qualys Private Cloud Platform to a minimum version of 10.24.0.0.
Risk Management Considerations
Qualys has assessed the exploit and believes the risk to be (Moderate) for the following reasons:
- A valid user account is necessary to exploit the vulnerability, and the user needs to login to insert the payload
- The payload will only execute on visiting a specific page in the application and doesn't affect any other applications/ modules
- Cookie / Session has been set with HTTPOnly flag which prevent session compromise
Acknowledgments
Frank Cozijnsen of the KPN REDteam
