
Cloud Vulnerability DB
A community-led vulnerabilities database
A vulnerability (CVE-2021-3509) was discovered in the Dashboard component of Red Hat Ceph Storage 4. It arose as a follow-up to the fix for CVE-2020-27839, which moved JWT tokens from localStorage into httpOnly cookies so that page scripts could no longer read them. However, the token cookie's value was still included in the HTTP response body used for documentation, so a Cross-Site Scripting (XSS) attack could still read the token from there. The vulnerability was discovered by Sergey Bobrov of Kaspersky and disclosed on May 14, 2021 (OSS Security).
The vulnerability is classified as a Cross-Site Scripting (XSS) issue with a CVSS v3.1 Base Score of 6.1 (Medium). The attack vector is network-based (AV:N), requires low attack complexity (AC:L), needs no privileges (PR:N), requires user interaction (UI:R), and has a changed scope (S:C) with low impacts on confidentiality (C:L) and integrity (I:L), but no impact on availability (A:N) (NVD).
The vulnerability could allow attackers to expose sensitive information or gain unintended access through cross-site scripting attacks. The greatest threats are to the system's confidentiality and integrity, while availability is not impacted (Ubuntu Security).
Patches were released for different versions of Ceph: Nautilus (commit adda853), Octopus (commit 7a1ca8d), and Pacific (commit af3fffa). The fix involved removing the token exposure in the documentation's HTTP response body. Various Linux distributions have also released fixed versions, including Ubuntu 20.04 LTS (15.2.12-0ubuntu0.20.04.1) and Ubuntu 21.04 (16.2.6-0ubuntu0.21.04.2) (OSS Security).
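The defect described above (a token that is correctly set as an httpOnly cookie but also echoed in a response body) can be caught by a regression check like the one below. This is an added example written for this entry, not code from Ceph or the patches; the cookie name `token`, the sample JWT and the sample responses are constructed assumptions, and the check also flags any JWT-shaped string in a body regardless of which cookie carried it.

```python
"""Added example (not Ceph's code): regression check for the CVE-2021-3509
pattern, where a session token set as an httpOnly cookie is also echoed in
the HTTP response body, leaving it readable by injected script."""
import re
from http.cookies import SimpleCookie

# Loose shape of a JWT: three base64url segments, header starting with "eyJ".
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+")

def audit_response(set_cookie_headers, body, cookie_name="token"):
    """Inspect one response. cookie_name is an assumed auth cookie name,
    not necessarily the name Ceph's dashboard uses."""
    result = {"cookie_set": False, "httponly": False,
              "cookie_value_in_body": False, "jwt_in_body": False}
    for raw in set_cookie_headers:          # Set-Cookie may repeat
        jar = SimpleCookie()
        jar.load(raw)
        if cookie_name not in jar:
            continue
        morsel = jar[cookie_name]
        result["cookie_set"] = True
        result["httponly"] = bool(morsel["httponly"])
        # The core defect: the cookie's value reappears in the body.
        if morsel.value and morsel.value in body:
            result["cookie_value_in_body"] = True
    # Broader check: any JWT-shaped string in the body, whatever its source.
    result["jwt_in_body"] = JWT_RE.search(body) is not None
    result["leaks_token"] = result["cookie_value_in_body"] or result["jwt_in_body"]
    return result

# Constructed sample responses (not captured from Ceph).
SAMPLE_JWT = "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiJ9.c2lnbmF0dXJl"
VULNERABLE = (
    [f"token={SAMPLE_JWT}; HttpOnly; Path=/"],
    '{"message": "Logged in", "token": "' + SAMPLE_JWT + '"}',  # token echoed
)
FIXED = (
    [f"token={SAMPLE_JWT}; HttpOnly; Path=/"],
    '{"message": "Logged in"}',  # body no longer carries the token
)

if __name__ == "__main__":
    for name, (hdrs, body) in (("vulnerable", VULNERABLE), ("fixed", FIXED)):
        print(name, audit_response(hdrs, body))
```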
Source: This report was generated using AI