{
  "id": "CVE-2023-49111",
  "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf",
  "published": "2024-06-20T13:15:49.380",
  "lastModified": "2024-11-21T08:32:51.160",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "For Kiuwan installations with SSO (single sign-on) enabled, an \nunauthenticated reflected cross-site scripting attack can be performed \non the login page \"login.html\". This is possible due to the request parameter \"message\" values\n being directly included in a JavaScript block in the response. This is \nespecially critical in business environments using AD SSO \nauthentication, e.g. via ADFS, where attackers could potentially steal \nAD passwords.\n\n\n\nThis issue affects Kiuwan SAST: <master.1808.p685.q13371"
    },
    {
      "lang": "es",
      "value": "Para las instalaciones de Kiuwan con SSO (inicio de sesi\u00f3n \u00fanico) habilitado, se puede realizar un ataque de  Cross Site Scripting reflejado no autenticado en la p\u00e1gina de inicio de sesi\u00f3n \"login.html\". Esto es posible debido a que los valores de \"mensaje\" del par\u00e1metro de solicitud se incluyen directamente en un bloque de JavaScript en la respuesta. Esto es especialmente cr\u00edtico en entornos empresariales que utilizan autenticaci\u00f3n AD SSO, por ejemplo, a trav\u00e9s de ADFS, donde los atacantes podr\u00edan potencialmente robar contrase\u00f1as de AD. Este problema afecta a Kiuwan SAST: "
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://r.sec-consult.com/kiuwan",
      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"
    },
    {
      "url": "https://www.kiuwan.com/docs/display/K5/%5B2024-05-30%5D+Change+Log",
      "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"
    },
    {
      "url": "https://r.sec-consult.com/kiuwan",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://www.kiuwan.com/docs/display/K5/%5B2024-05-30%5D+Change+Log",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
}