OSSA-2014-027: Persistent XSS in Horizon Host Aggregates interface

Date: August 19, 2014
CVE: CVE-2014-3594

Affects

  • Horizon: up to 2013.2.3, and 2014.1 versions up to 2014.1.2

Description

Dennis Felsch and Mario Heiderich from the Horst Görtz Institute for IT-Security, Ruhr-University Bochum reported a persistent XSS in Horizon. A malicious administrator may conduct a persistent XSS attack by registering a malicious host aggregate through the Horizon Host Aggregates interface. Once executed in a legitimate context, this attack may reveal another admin's token, potentially resulting in a lateral privilege escalation. All Horizon setups are affected.
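As an added illustration (not code from the advisory or from Horizon itself), the following contrasts rendering a stored aggregate name verbatim with escaping it at output time, and adds a hypothetical name allowlist and an audit helper an operator could run over already-stored aggregates; the sample rows are constructed.

```python
import html
import re

# Constructed sample rows. The second name carries markup of the kind a
# malicious administrator could store through the Host Aggregates form.
SAMPLE_AGGREGATES = [
    {"name": "rack-a", "availability_zone": "nova", "hosts": ["compute-1"]},
    {"name": "<script>alert(1)</script>", "availability_zone": "nova", "hosts": []},
]

# Allowlist for names an operator is willing to accept at create/update time
# (hypothetical policy; Horizon itself does not impose this pattern).
NAME_PATTERN = re.compile(r"^[A-Za-z0-9._ -]{1,255}$")


def render_row_unsafe(aggregate):
    """Vulnerable pattern: stored strings are interpolated into HTML verbatim,
    so markup in the aggregate name becomes part of the page served to the
    next administrator who opens the Host Aggregates panel."""
    return "<tr><td>{}</td><td>{}</td><td>{}</td></tr>".format(
        aggregate["name"], aggregate["availability_zone"], ", ".join(aggregate["hosts"]))


def render_row_safe(aggregate):
    """Hardened pattern: every stored value is HTML-escaped at output time,
    which is what Django template autoescaping does unless bypassed with |safe."""
    return "<tr><td>{}</td><td>{}</td><td>{}</td></tr>".format(
        html.escape(aggregate["name"]),
        html.escape(aggregate["availability_zone"]),
        html.escape(", ".join(aggregate["hosts"])))


def validate_aggregate_name(name):
    """Defense in depth: reject names outside the allowlist before they are stored."""
    return bool(NAME_PATTERN.match(name))


def audit_stored_aggregates(aggregates):
    """Audit helper for operators: return the names of already-stored aggregates
    that fall outside the allowlist and deserve a closer look."""
    return [a["name"] for a in aggregates if not validate_aggregate_name(a["name"])]
```

Output escaping is the actual fix; the allowlist and audit are extra layers for deployments that cannot upgrade immediately.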

Credits

  • Dennis Felsch from Ruhr-University Bochum (CVE-2014-3594)
  • Mario Heiderich from Ruhr-University Bochum (CVE-2014-3594)

Except where otherwise noted, this document is licensed under the Creative Commons Attribution 3.0 License.