Improper neutralization of input during web page generation ('cross-site scripting') in Azure Stack Edge allows an authorized attacker to perform spoofing over a network.
According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities. How could an attacker exploit this vulnerability? An attacker could exploit this vulnerability by uploading a crafted SSL/TLS certificate containing malicious JavaScript in its X.509 Subject or Issuer fields to the Azure Stack Edge Local UI certificate management interface. When an administrator views the certificate details, the script executes in their browser session, allowing the attacker to perform administrative actions and access sensitive configuration or cryptographic material within the Local UI.
<a href="https://www.linkedin.com/in/hay-mizrachi/">Hay Mizrachi</a> with <a href="https://microsoft.com/">Microsoft</a>