CVE-2019-19336: XSS
First published: Mon Dec 09 2019(Updated: )
A cross-site scripting vulnerability was reported in ovirt-engine's OAuth authorization endpoint. URL parameters would be included in the HTML response without escaping, allowing an attacker to craft malicious HTML pages that could run scripts in the context of the user's ovirt session. References: <a href="https://lists.ovirt.org/archives/list/announce@ovirt.org/thread/RHF4BJIIRVEW3PQVDLJTDZO5AARQWO6U/">https://lists.ovirt.org/archives/list/announce@ovirt.org/thread/RHF4BJIIRVEW3PQVDLJTDZO5AARQWO6U/</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ovirt Ovirt-engine | <4.3.8 | |
| Redhat Virtualization | =4.3 | |
| redhat/ovirt-engine-dwh | <0:4.3.8-1.el7e | 0:4.3.8-1.el7e |
| redhat/ovirt-engine-metrics | <0:1.3.6.2-1.el7e | 0:1.3.6.2-1.el7e |
| redhat/ovirt-fast-forward-upgrade | <0:1.0.0-16.el7e | 0:1.0.0-16.el7e |
| redhat/ovirt-imageio-common | <0:1.5.3-0.el7e | 0:1.5.3-0.el7e |
| redhat/ovirt-imageio-proxy | <0:1.5.3-0.el7e | 0:1.5.3-0.el7e |
| redhat/ovirt-web-ui | <0:1.6.0-2.el7e | 0:1.6.0-2.el7e |
| redhat/rhv-log-collector-analyzer | <0:0.2.15-0.el7e | 0:0.2.15-0.el7e |
| redhat/v2v-conversion-host | <0:1.16.0-3.el7e | 0:1.16.0-3.el7e |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19336
- https://lists.ovirt.org/archives/list/announce@ovirt.org/thread/RHF4BJIIRVEW3PQVDLJTDZO5AARQWO6U/
- https://access.redhat.com/errata/RHSA-2020:0498
- https://access.redhat.com/security/cve/cve-2019-19336
- https://access.redhat.com/errata/RHSA-2020:3247
- https://bugzilla.redhat.com/show_bug.cgi?id=1781001
- https://www.cve.org/CVERecord?id=CVE-2019-19336 https://nvd.nist.gov/vuln/detail/CVE-2019-19336
Frequently Asked Questions
What is the vulnerability ID for this cross-site scripting vulnerability?
The vulnerability ID for this cross-site scripting vulnerability is CVE-2019-19336.
What is the severity of CVE-2019-19336?
CVE-2019-19336 has a severity value of 6.1, which is considered medium.
What software versions are affected by CVE-2019-19336?
The versions affected by CVE-2019-19336 include oVirt-engine before version 4.3.8, ovirt-engine-dwh version 0:4.3.8-1.el7e, ovirt-engine-metrics version 0:1.3.6.2-1.el7e, ovirt-fast-forward-upgrade version 0:1.0.0-16.el7e, ovirt-imageio-common version 0:1.5.3-0.el7e, ovirt-imageio-proxy version 0:1.5.3-0.el7e, ovirt-web-ui version 0:1.6.0-2.el7e, rhv-log-collector-analyzer version 0:0.2.15-0.el7e, and v2v-conversion-host version 0:1.16.0-3.el7e.
How can an attacker exploit CVE-2019-19336?
An attacker can exploit CVE-2019-19336 by crafting malicious HTML pages that can run scripts in the context of the user.
Is there a fix for CVE-2019-19336?
Yes, the fix for CVE-2019-19336 is to upgrade to oVirt-engine version 4.3.8.
- collector/redhat-cve
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-19336
- agent/software-canonical-lookup
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- package-manager/redhat
- vendor/ovirt
- canonical/ovirt ovirt-engine
- vendor/redhat
- canonical/redhat virtualization
- version/redhat virtualization/4.3