Carbon Black Persistent Cross-Site Scripting (XSS)

Dell SecureWorks Security Advisory SWRX-2014-008

Advisory Information

  • Title: Carbon Black Persistent Cross-Site Scripting (XSS)
  • Advisory ID: SWRX-2014-008
  • Date published: Tuesday, May 6, 2014
  • CVE: CVE-2014-1844
  • CVSS v2 base score: 3.5
  • Date of last update: Tuesday, May 6, 2014
  • Vendors contacted: Carbon Black
  • Release mode: Coordinated
  • Discovered by: Sean Wright, Dell SecureWorks


Carbon Black is an endpoint security solution that provides administrative functionality and other features via a dedicated web application. There is a vulnerability in the product's web interface due to insufficient server-side validation. An attacker can create a user with malicious username content, and this username is persisted to the server. When an administrator views a list of users, the malicious username is loaded and a cross-site script is injected into the page. An attacker could exploit this issue to direct a victim to a malicious website or steal the victim's session information.

Download the PDF: SWRX-2014-008

PGP Signature

Back to more Threat Analyses and Advisories


See for yourself: Request your demo to see how Taegis can reduce risk, optimize existing security investments, and fill talent gaps.