CVE-2024-55029

6.1 MEDIUM

📋 TL;DR

NASA Fprime v3.4.3 contains multiple cross-site scripting (XSS) vulnerabilities that allow attackers to inject malicious scripts into web pages viewed by other users. This affects any organization using NASA Fprime v3.4.3 for web applications. The vulnerabilities could lead to session hijacking, data theft, or unauthorized actions.

💻 Affected Systems

Products:
  • NASA Fprime
Versions: v3.4.3
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Any web application built with NASA Fprime v3.4.3 that accepts user input and displays it without proper sanitization is vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal administrator credentials, hijack user sessions, deface websites, or redirect users to malicious sites, potentially leading to complete system compromise.

🟠 Likely Case

Attackers inject malicious scripts to steal user session cookies or credentials, enabling unauthorized access to user accounts and sensitive data.

🟢 If Mitigated

With proper input validation and output encoding, the impact is limited to minor data leakage or temporary disruption.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

XSS vulnerabilities typically require minimal technical skill to exploit once the vulnerable endpoints are identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Monitor NASA Fprime GitHub repository for security updates.
2. Apply the official patch when released.
3. Test the patch in a non-production environment first.

🔧 Temporary Workarounds

Implement Input Validation and Output Encoding

all

Sanitize all user inputs and encode outputs to prevent script injection.

Enable Content Security Policy (CSP)

all

Configure CSP headers to restrict script execution sources.

Add 'Content-Security-Policy' header with appropriate directives in web server configuration.

🧯 If You Can't Patch

  • Implement a Web Application Firewall (WAF) with XSS protection rules.
  • Disable or restrict access to vulnerable endpoints if possible.

🔍 How to Verify

Check if Vulnerable:

Review NASA Fprime version in your application configuration or package manager. Check for v3.4.3.

Check Version:

Check the version in your Fprime configuration file or use package manager commands specific to your deployment.

Verify Fix Applied:

After applying mitigations, test with XSS payloads (e.g., <script>alert('test')</script>) to ensure they are properly sanitized.

📡 Detection & Monitoring

Log Indicators:

  • Unusual script tags or JavaScript in HTTP request logs.
  • Multiple failed login attempts or session hijacking alerts.

Network Indicators:

  • HTTP requests containing suspicious script payloads.
  • Unexpected redirects to external domains.

SIEM Query:

source="web_logs" AND (http_request CONTAINS "<script>" OR http_request CONTAINS "javascript:")
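
The query above matches only the literal strings, so percent-encoded or mixed-case forms of the same markers in request logs are missed. The same check with bounded decoding and case-insensitive matching, as an added example that is not part of the original advisory or the Fprime project; the log lines are constructed samples in common log format and the function names are hypothetical:

```python
import re
from urllib.parse import unquote_plus

# Markers taken from the SIEM query above, matched case-insensitively.
# The "<script" pattern also covers tags with attributes or whitespace.
MARKERS = re.compile(r"<\s*script\b|javascript\s*:", re.IGNORECASE)

# Request line inside a common-log-format entry: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly (bounded) to undo double encoding."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(log_lines):
    """Return (line_number, decoded_target) for requests containing a marker."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST.search(line)
        if not match:
            continue  # not a request line; skip rather than guess
        target = decode_fully(match.group("target"))
        if MARKERS.search(target):
            hits.append((number, target))
    return hits

# Constructed sample log lines (documentation IP range, made-up paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2025:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2025:10:00:05 +0000] "GET /search?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 734',
    '192.0.2.12 - - [01/Jan/2025:10:00:09 +0000] "GET /search?q=%253CSCRIPT%253Ex HTTP/1.1" 200 701',
    '192.0.2.13 - - [01/Jan/2025:10:00:12 +0000] "GET /go?next=JavaScript:void(0) HTTP/1.1" 302 0',
    '192.0.2.14 - - [01/Jan/2025:10:00:15 +0000] "GET /docs/javascript-guide HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for number, target in suspicious_requests(SAMPLE_LOG):
        print(f"line {number}: {target}")
```

The last sample line is a benign path containing the word "javascript" and is deliberately not flagged, since the marker requires the trailing colon.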
