Vulnerability Name:

CVE-2016-7034 (CCN-116685)

Assigned:2016-09-07
Published:2016-09-07
Updated:2018-02-15
Summary:The dashbuilder in Red Hat JBoss BPM Suite 6.3.2 does not properly handle CSRF tokens generated during an active session and includes them in query strings, which makes it easier for remote attackers to (1) bypass CSRF protection mechanisms or (2) conduct cross-site request forgery (CSRF) attacks by obtaining an old token.
CVSS v3 Severity:8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
8.4 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availability (A): High
6.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availability (A): None
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): None
Vulnerability Type:CWE-352
Vulnerability Consequences:Cross-Site Scripting
References:Source: MITRE
Type: CNA
CVE-2016-7034

Source: CCN
Type: RHSA-2017-0557
Moderate: Red Hat JBoss BPM Suite security update

Source: REDHAT
Type: UNKNOWN
RHSA-2017:0557

Source: BID
Type: Third Party Advisory, VDB Entry
92760

Source: CCN
Type: BID-92760
Red Hat JBoss BPMS CVE-2016-7034 Cross Site Request Forgery Vulnerability

Source: REDHAT
Type: UNKNOWN
RHSA-2018:0296

Source: CCN
Type: Red Hat Bugzilla – Bug 1373347
(CVE-2016-7034) CVE-2016-7034 JBoss bpms: insecure handling CSRF token in dashbuilder

Source: CONFIRM
Type: Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=1373347

Source: XF
Type: UNKNOWN
redhat-jboss-cve20167034-csrf(116685)

Source: CCN
Type: Red Hat Web site
Red Hat JBoss BPM Suite

Vulnerable Configuration:Configuration 1:
  • cpe:/a:redhat:jboss_bpm_suite:6.3.2:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2016-7034 (CCN-124601)

    Assigned:2016-08-23
    Published:2017-03-16
    Updated:2017-03-16
    Summary:Red Hat JBoss BPM is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the dashbuilder. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
    CVSS v3 Severity:8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
    8.4 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): Required
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): High
    Integrity (I): High
    Availability (A): High
    6.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
    5.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): Required
    Scope:Scope (S): Changed
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availability (A): None
    CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Medium
    Authentication (Au): None
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availability (A): Partial
    5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): Single_Instance
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availability (A): None
    Vulnerability Consequences:Cross-Site Scripting
    References:Source: MITRE
    Type: CNA
    CVE-2016-7034

    Source: CCN
    Type: BID-92760
    Red Hat JBoss BPMS CVE-2016-7034 Cross Site Request Forgery Vulnerability

    Source: CCN
    Type: Red Hat Bugzilla Bug 1371801
    (CVE-2016-6343) CVE-2016-6343 JBoss bpms 6.3.x reflected XSS in dashbuilder

    Source: XF
    Type: UNKNOWN
    redhat-jboss-cve20166343-xss(124601)

    Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:redhat:jboss_bpm_suite:6.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_bpm_suite:6.4.11:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable