{
  "threat_severity" : "Moderate",
  "public_date" : "2020-03-13T00:00:00Z",
  "bugzilla" : {
    "description" : "ceph-dashboard: Don't use Browser's LocalStorage for storing JWT but Secure Cookies with proper HTTP Headers",
    "id" : "1901330",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1901330"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.4",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-522",
  "details" : [ "A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser’s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity.", "A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser’s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity." ],
  "statement" : "* Red Hat Ceph Storage 3 is not affected as it does not use authentication for the dashboard.\n* Red Hat OpenStack Platform deployments use the ceph package directly from the Ceph channel; the RHOSP package will not be updated at this time.\n* Red Hat OpenShift Container Storage (RHOCS) 4 shipped ceph package for the usage of RHOCS 4.2 only which has reached End of Life. The shipped version of ceph package is neither used nor supported with the release of RHOCS 4.3.\n* Red Hat Enterprise Linux 8 does not include the ceph dashboard component.",
  "affected_release" : [ {
    "product_name" : "Red Hat Ceph Storage 4.2",
    "release_date" : "2021-06-15T00:00:00Z",
    "advisory" : "RHSA-2021:2445",
    "cpe" : "cpe:/a:redhat:ceph_storage:4::el7",
    "package" : "ceph-2:14.2.11-181.el8cp"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Ceph Storage 2",
    "fix_state" : "Out of support scope",
    "package_name" : "ceph",
    "cpe" : "cpe:/a:redhat:ceph_storage:2"
  }, {
    "product_name" : "Red Hat Ceph Storage 3",
    "fix_state" : "Not affected",
    "package_name" : "ceph",
    "cpe" : "cpe:/a:redhat:ceph_storage:3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "ceph",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "ceph",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Openshift Container Storage 4",
    "fix_state" : "Will not fix",
    "package_name" : "ceph",
    "cpe" : "cpe:/a:redhat:openshift_container_storage:4"
  }, {
    "product_name" : "Red Hat OpenStack Platform 13 (Queens)",
    "fix_state" : "Will not fix",
    "package_name" : "ceph",
    "cpe" : "cpe:/a:redhat:openstack:13"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-27839\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-27839" ],
  "name" : "CVE-2020-27839",
  "mitigation" : {
    "value" : "Do not store sensitive data in HTML5 localStorage, not even temporarily. Use cookies with appropriate security flags (secure, HttpOnly, SameSite).",
    "lang" : "en:us"
  },
  "csaw" : false
}