CVE-2017-1000479

Exploit

EPSS 18.99%
Published 03.01.2018 18:29:00
Last modified 21.11.2024 03:04:49
Source cve@mitre.org
Teams watchlist Login
Open Login

pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. This is fixed in 2.4.2-RELEASE. OPNsense, a 2015 fork of pfSense, was not vulnerable since version 16.1.16 released on June 06, 2016. The unprotected web form was removed from the code during an internal security audit under "possibly insecure" suspicions.

Affected products Warnungen 0 Metrics 3 CWE 1 References 9

Data is provided by the National Vulnerability Database (NVD)

Netgate ≫ Pfsense Version <= 2.4.1

Opnsense Project ≫ Opnsense Version < 16.1.16

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	18.99%	0.951

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

http://www.openwall.com/lists/oss-security/2017/11/22/7

Third Party Advisory

Exploit

Mailing List

https://doc.pfsense.org/index.php/2.4.2_New_Features_and_Changes

Vendor Advisory

Issue Tracking

https://github.com/opnsense/core/commit/d218b225

Patch

Third Party Advisory

https://github.com/pfsense/pfsense/commit/386d89b07

Patch