Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 08 Jul 2014 12:11:10 -0400
From: Tristan Cacqueray <>
Subject: [OSSA 2014-023] Multiple XSS vulnerabilities in Horizon (CVE-2014-3473,
 CVE-2014-3474, and CVE-2014-3475)

OpenStack Security Advisory: 2014-023
CVE: CVE-2014-3473, CVE-2014-3474, and CVE-2014-3475
Date: July 08, 2014
Title: Multiple XSS vulnerabilities in Horizon
Reporter: Jason Hullinger (HP)    - CVE-2014-3473
          Craig Lorentzen (Cisco) - CVE-2014-3474
          Michael Xin (Rackspace) - CVE-2014-3475
Products: Horizon
Versions: up to 2013.2.3, and 2014.1 versions up to 2014.1.1

Jason Hullinger from Hewlett Packard, Craig Lorentzen from Cisco and
Michael Xin from Rackspace reported 3 cross-site scripting (XSS)
vulnerabilities in Horizon. A malicious Orchestration template owner or
catalog may conduct an XSS attack once a corrupted template is used in
the Orchestration/Stack section of Horizon. A malicious Horizon user may
store an XSS attack by creating a network with a corrupted name. A
malicious Horizon administrator may store an XSS attack by creating a
user with a corrupted email address. Once executed in a legitimate
context these attacks may result in potential asset stealing (horizon
user/admin access credentials, VMs/Network configuration/management,
tenants' confidential information, etc.). All Horizon setups are affected.

Juno (development branch) fix:

Icehouse fix:

Havana fix:

This fix will be included in the Juno-2 development milestone and in
future 2013.2.4 and 2014.1.2 releases.


Tristan Cacqueray
OpenStack Vulnerability Management Team

Download attachment "signature.asc" of type "application/pgp-signature" (539 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ