CVE-2020-7354

Cross-site Scripting (XSS) vulnerability in the 'host' field of a discovered scan asset in Rapid7 Metasploit Pro allows an attacker with a specially-crafted network service of a scan target to store an XSS sequence in the Metasploit Pro console, which will trigger when the operator views the record of that scanned host in the Metasploit Pro interface. This issue affects Rapid7 Metasploit Pro version 4.17.1-20200427 and prior versions, and is fixed in Metasploit Pro version 4.17.1-20200514. See also CVE-2020-7355, which describes a similar issue, but involving the generated 'notes' field of a discovered scan asset.
Cross-site Scripting
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | NIST | 6.1 MEDIUM | NETWORK | LOW | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N |
| rapid7 | CNA | 6.1 MEDIUM | NETWORK | LOW | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N |
| CVE | ADP | --- | | | | --- |
EPSS Score percentile: 61%
| Vendor | Product | Version |
|---|---|---|
| rapid7 | metasploit | 𝑥 < 4.17.1 |
| rapid7 | metasploit | 4.17.1 |
| rapid7 | metasploit | 4.17.1:20170221 |
| rapid7 | metasploit | 4.17.1:20170323 |
| rapid7 | metasploit | 4.17.1:20170405 |
| rapid7 | metasploit | 4.17.1:20170419 |
| rapid7 | metasploit | 4.17.1:20170510 |
| rapid7 | metasploit | 4.17.1:20170518 |
| rapid7 | metasploit | 4.17.1:20170530 |
| rapid7 | metasploit | 4.17.1:20170613 |
| rapid7 | metasploit | 4.17.1:20170627 |
| rapid7 | metasploit | 4.17.1:20170718 |
| rapid7 | metasploit | 4.17.1:20170731 |
| rapid7 | metasploit | 4.17.1:20170816 |
| rapid7 | metasploit | 4.17.1:20170828 |
| rapid7 | metasploit | 4.17.1:20170914 |
| rapid7 | metasploit | 4.17.1:20170926 |
| rapid7 | metasploit | 4.17.1:20171009 |
| rapid7 | metasploit | 4.17.1:20171030 |
| rapid7 | metasploit | 4.17.1:20171115 |
| rapid7 | metasploit | 4.17.1:20171129 |
| rapid7 | metasploit | 4.17.1:20171206 |
| rapid7 | metasploit | 4.17.1:20171220 |
| rapid7 | metasploit | 4.17.1:20180108 |
| rapid7 | metasploit | 4.17.1:20180124 |
| rapid7 | metasploit | 4.17.1:20180206 |
| rapid7 | metasploit | 4.17.1:20180301 |
| rapid7 | metasploit | 4.17.1:20180312 |
| rapid7 | metasploit | 4.17.1:20180327 |
| rapid7 | metasploit | 4.17.1:20180410 |
| rapid7 | metasploit | 4.17.1:20180501 |
| rapid7 | metasploit | 4.17.1:20180511 |
| rapid7 | metasploit | 4.17.1:20180526 |
| rapid7 | metasploit | 4.17.1:20180618 |
| rapid7 | metasploit | 4.17.1:20180704 |
| rapid7 | metasploit | 4.17.1:20180716 |
| rapid7 | metasploit | 4.17.1:20180727 |
| rapid7 | metasploit | 4.17.1:20180813 |
| rapid7 | metasploit | 4.17.1:20180827 |
| rapid7 | metasploit | 4.17.1:20180907 |
| rapid7 | metasploit | 4.17.1:20180924 |
| rapid7 | metasploit | 4.17.1:20181009 |
| rapid7 | metasploit | 4.17.1:20181022 |
| rapid7 | metasploit | 4.17.1:20181105 |
| rapid7 | metasploit | 4.17.1:20181130 |
| rapid7 | metasploit | 4.17.1:20181215 |
| rapid7 | metasploit | 4.17.1:20190108 |
| rapid7 | metasploit | 4.17.1:20190118 |
| rapid7 | metasploit | 4.17.1:20190201 |
| rapid7 | metasploit | 4.17.1:20190219 |
| rapid7 | metasploit | 4.17.1:20190303 |
| rapid7 | metasploit | 4.17.1:20190319 |
| rapid7 | metasploit | 4.17.1:20190331 |
| rapid7 | metasploit | 4.17.1:20190416 |
| rapid7 | metasploit | 4.17.1:20190426 |
| rapid7 | metasploit | 4.17.1:20190513 |
| rapid7 | metasploit | 4.17.1:20190603 |
| rapid7 | metasploit | 4.17.1:20190607 |
| rapid7 | metasploit | 4.17.1:20190626 |
| rapid7 | metasploit | 4.17.1:20190722 |
| rapid7 | metasploit | 4.17.1:20190805 |
| rapid7 | metasploit | 4.17.1:20190819 |
| rapid7 | metasploit | 4.17.1:20190910 |
| rapid7 | metasploit | 4.17.1:20190930 |
| rapid7 | metasploit | 4.17.1:20191014 |
| rapid7 | metasploit | 4.17.1:20191030 |
| rapid7 | metasploit | 4.17.1:20191108 |
| rapid7 | metasploit | 4.17.1:20191209 |
| rapid7 | metasploit | 4.17.1:20200113 |
| rapid7 | metasploit | 4.17.1:20200122 |
| rapid7 | metasploit | 4.17.1:20200131 |
| rapid7 | metasploit | 4.17.1:20200218 |
| rapid7 | metasploit | 4.17.1:20200302 |
| rapid7 | metasploit | 4.17.1:20200318 |
| rapid7 | metasploit | 4.17.1:20200330 |
| rapid7 | metasploit | 4.17.1:20200413 |

𝑥 = Vulnerable software versions