CVE-2024-49758 - Vulnerability Details - OpenCVE

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the device's Notes, its will be trigger. This vulnerability is fixed in 24.10.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Librenms	Librenms

Configuration 1 [-]

cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/librenms/librenms/commit/24b142d753898e273ec20b542a27dd6eb530c7d8
https://github.com/librenms/librenms/security/advisories/GHSA-c86q-rj37-8f85

History

Fri, 15 Nov 2024 19:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Librenms Librenms librenms
CPEs		cpe:2.3:a:librenms:librenms::::::::
Vendors & Products		Librenms Librenms librenms
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 15 Nov 2024 15:30:00 +0000

Type	Values Removed	Values Added
Description		LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the device's Notes, its will be trigger. This vulnerability is fixed in 24.10.0.
Title		LibreNMS has a stored XSS in ExamplePlugin with Device's Notes
Weaknesses		CWE-79
References		https://github.com/librenms/librenms/commit/24b142d753898e273ec20b542a27dd6eb530c7d8 https://github.com/librenms/librenms/security/advisories/GHSA-c86q-rj37-8f85
Metrics		cvssV3_1 `{'score': 4.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-11-15T15:17:52.085Z

Updated: 2024-11-15T18:52:50.332Z

Reserved: 2024-10-18T13:43:23.454Z

Link: CVE-2024-49758

Vulnrichment

Updated: 2024-11-15T18:52:35.084Z

NVD

Status : Analyzed

Published: 2024-11-15T16:15:34.880

Modified: 2024-11-20T14:40:36.990

Link: CVE-2024-49758

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-49758", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-10-18T13:43:23.454Z", "datePublished": "2024-11-15T15:17:52.085Z", "dateUpdated": "2024-11-15T18:52:50.332Z"}, "containers": {"cna": {"title": "LibreNMS has a stored XSS in ExamplePlugin with Device's Notes", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/librenms/librenms/security/advisories/GHSA-c86q-rj37-8f85", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/librenms/librenms/security/advisories/GHSA-c86q-rj37-8f85"}, {"name": "https://github.com/librenms/librenms/commit/24b142d753898e273ec20b542a27dd6eb530c7d8", "tags": ["x_refsource_MISC"], "url": "https://github.com/librenms/librenms/commit/24b142d753898e273ec20b542a27dd6eb530c7d8"}], "affected": [{"vendor": "librenms", "product": "librenms", "versions": [{"version": "< 24.10.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-11-15T15:17:52.085Z"}, "descriptions": [{"lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the device's Notes, its will be trigger. This vulnerability is fixed in 24.10.0."}], "source": {"advisory": "GHSA-c86q-rj37-8f85", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "librenms", "product": "librenms", "cpes": ["cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "24.10.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-15T18:51:55.820615Z", "id": "CVE-2024-49758", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-15T18:52:50.332Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-49758", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-15T18:51:55.820615Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*"], "vendor": "librenms", "product": "librenms", "versions": [{"status": "affected", "version": "0", "lessThan": "24.10.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-15T18:52:35.084Z"}}], "cna": {"title": "LibreNMS has a stored XSS in ExamplePlugin with Device's Notes", "source": {"advisory": "GHSA-c86q-rj37-8f85", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "librenms", "product": "librenms", "versions": [{"status": "affected", "version": "< 24.10.0"}]}], "references": [{"url": "https://github.com/librenms/librenms/security/advisories/GHSA-c86q-rj37-8f85", "name": "https://github.com/librenms/librenms/security/advisories/GHSA-c86q-rj37-8f85", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/librenms/librenms/commit/24b142d753898e273ec20b542a27dd6eb530c7d8", "name": "https://github.com/librenms/librenms/commit/24b142d753898e273ec20b542a27dd6eb530c7d8", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the device's Notes, its will be trigger. This vulnerability is fixed in 24.10.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-11-15T15:17:52.085Z"}}}, "cveMetadata": {"cveId": "CVE-2024-49758", "state": "PUBLISHED", "dateUpdated": "2024-11-15T18:52:50.332Z", "dateReserved": "2024-10-18T13:43:23.454Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-11-15T15:17:52.085Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*", "matchCriteriaId": "B4BD88D2-5DA7-450B-AEFA-33BCA61685A7", "versionEndExcluding": "24.10.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the device's Notes, its will be trigger. This vulnerability is fixed in 24.10.0."}, {"lang": "es", "value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. El usuario con rol de administrador puede agregar notas a un dispositivo, la aplicaci\u00f3n no desinfect\u00f3 correctamente la entrada del usuario, cuando se habilita ExamplePlugin, si el c\u00f3digo de script de Java est\u00e1 dentro de las notas del dispositivo, se activar\u00e1. Esta vulnerabilidad se corrigi\u00f3 en 24.10.0."}], "id": "CVE-2024-49758", "lastModified": "2024-11-20T14:40:36.990", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-11-15T16:15:34.880", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/librenms/librenms/commit/24b142d753898e273ec20b542a27dd6eb530c7d8"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/librenms/librenms/security/advisories/GHSA-c86q-rj37-8f85"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Primary"}]}