CVE-2024-47529

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. OpenC3 COSMOS stores the password of a user unencrypted in the LocalStorage of a web browser. This makes the user password susceptible to exfiltration via Cross-site scripting (see GHSL-2024-128). This vulnerability is fixed in 5.19.0. This only affects Open Source edition, and not OpenC3 COSMOS Enterprise Edition.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/OpenC3/cosmos/commit/b5ab34fe7fa54c0c8171c4aa3caf4e03d6f63bd7	Patch
https://github.com/OpenC3/cosmos/security/advisories/GHSA-4xqv-47rm-37mm	Vendor Advisory
https://securitylab.github.com/advisories/GHSL-2024-127_GHSL-2024-129_OpenC3_COSMOS	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:openc3:cosmos:*:*:*:*:open_source:*:*:*

History

No history.

Information

Published : 2024-10-02 20:15

Updated : 2024-11-13 17:15

NVD link : CVE-2024-47529

Mitre link : CVE-2024-47529

CVE.ORG link : CVE-2024-47529

JSON object : View

Products Affected

openc3

cosmos

CWE

CWE-312

Cleartext Storage of Sensitive Information

{"id": "CVE-2024-47529", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 4.8, "automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "NONE", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "LOW", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-10-02T20:15:11.740", "references": [{"url": "https://github.com/OpenC3/cosmos/commit/b5ab34fe7fa54c0c8171c4aa3caf4e03d6f63bd7", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/OpenC3/cosmos/security/advisories/GHSA-4xqv-47rm-37mm", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://securitylab.github.com/advisories/GHSL-2024-127_GHSL-2024-129_OpenC3_COSMOS", "tags": ["Exploit", "Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-312"}]}], "descriptions": [{"lang": "en", "value": "OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. OpenC3 COSMOS stores the password of a user unencrypted in the LocalStorage of a web browser. This makes the user password susceptible to exfiltration via Cross-site scripting (see GHSL-2024-128). This vulnerability is fixed in 5.19.0. This only affects Open Source edition, and not OpenC3 COSMOS Enterprise Edition."}, {"lang": "es", "value": "OpenC3 COSMOS proporciona la funcionalidad necesaria para enviar comandos a uno o m\u00e1s sistemas integrados y recibir datos de ellos. OpenC3 COSMOS almacena la contrase\u00f1a de un usuario sin cifrar en el almacenamiento local de un navegador web. Esto hace que la contrase\u00f1a del usuario sea susceptible a la exfiltraci\u00f3n mediante Cross-Site Scripting (consulte GHSL-2024-128). Esta vulnerabilidad se ha corregido en la versi\u00f3n 5.19.0. Esto solo afecta a la edici\u00f3n Open Source, no a la OpenC3 COSMOS Enterprise Edition."}], "lastModified": "2024-11-13T17:15:46.543", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openc3:cosmos:*:*:*:*:open_source:*:*:*", "vulnerable": true, "matchCriteriaId": "04505723-F91D-400B-9AF7-F1524D21B3A4", "versionEndExcluding": "5.19.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}