CVE-2024-2435

{"id": "CVE-2024-2435", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@temporal.io", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 0.9}]}, "published": "2024-04-02T17:15:46.610", "references": [{"url": "https://github.com/temporalio/ui-server/releases/tag/v2.25.0", "source": "security@temporal.io"}, {"url": "https://github.com/temporalio/ui-server/releases/tag/v2.25.0", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security@temporal.io", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "For an attacker with pre-existing access to send a signal to a workflow, the attacker can make the signal name a script that executes when a victim views that signal. The XSS is in the timeline page displaying the workflow execution details of the workflow that was sent the crafted signal.\nAccess to send a signal to a workflow is determined by how you configured the authorizer on your server. This includes any entity with permission to directly call SignalWorkflowExecution or SignalWithStartWorkflowExecution, or any entity can deploy a worker that has access to call workflow progress APIs (specifically RespondWorkflowTaskCompleted).\n"}, {"lang": "es", "value": "Para que un atacante con acceso preexistente env\u00ede una se\u00f1al a un flujo de trabajo, el atacante puede hacer que la se\u00f1al nombre un script que se ejecute cuando una v\u00edctima vea esa se\u00f1al. El XSS se encuentra en la p\u00e1gina de la l\u00ednea de tiempo y muestra los detalles de ejecuci\u00f3n del flujo de trabajo al que se envi\u00f3 la se\u00f1al dise\u00f1ada. El acceso para enviar una se\u00f1al a un flujo de trabajo est\u00e1 determinado por c\u00f3mo configur\u00f3 el autorizador en su servidor. Esto incluye cualquier entidad con permiso para llamar directamente a SignalWorkflowExecution o SignalWithStartWorkflowExecution, o cualquier entidad que pueda implementar un trabajador que tenga acceso para llamar a las API de progreso del flujo de trabajo (espec\u00edficamente RespondWorkflowTaskCompleted)."}], "lastModified": "2024-11-21T09:09:45.060", "sourceIdentifier": "security@temporal.io"}