{"containers": {"cna": {"affected": [{"product": "Node.js", "vendor": "The Node.js Project", "versions": [{"status": "affected", "version": "^6.0.0 || ^8.0.0 || ^9.0.0"}]}], "datePublic": "2018-03-21T00:00:00", "descriptions": [{"lang": "en", "value": "The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get full code execution access."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-350", "description": "CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-07-20T22:53:16", "orgId": "386269d4-a6c6-4eaa-bf8e-bc0b0d010558", "shortName": "nodejs"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K63025104?utm_source=f5support&amp%3Butm_medium=RSS"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve-request@iojs.org", "DATE_PUBLIC": "2018-03-21T00:00:00", "ID": "CVE-2018-7160", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Node.js", "version": {"version_data": [{"version_value": "^6.0.0 || ^8.0.0 || ^9.0.0"}]}}]}, "vendor_name": "The Node.js Project"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get full code execution access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action"}]}]}, "references": {"reference_data": [{"name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"name": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/", "refsource": "CONFIRM", "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/"}, {"name": "https://support.f5.com/csp/article/K63025104?utm_source=f5support&utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K63025104?utm_source=f5support&utm_medium=RSS"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:24:10.499Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.f5.com/csp/article/K63025104?utm_source=f5support&amp%3Butm_medium=RSS"}]}]}, "cveMetadata": {"assignerOrgId": "386269d4-a6c6-4eaa-bf8e-bc0b0d010558", "assignerShortName": "nodejs", "cveId": "CVE-2018-7160", "datePublished": "2018-05-17T14:00:00Z", "dateReserved": "2018-02-15T00:00:00", "dateUpdated": "2024-09-17T01:35:37.449Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "matchCriteriaId": "D107EC29-67E7-40C3-8E5A-324C9105C5E4", "versionEndIncluding": "6.8.1", "versionStartIncluding": "6.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "matchCriteriaId": "B6855CC9-21A0-4C1B-8C27-A15FA0D7244F", "versionEndExcluding": "6.14.0", "versionStartIncluding": "6.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "matchCriteriaId": "74FB695D-2C76-47AB-988E-5629D2E695E5", "versionEndIncluding": "8.8.1", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "matchCriteriaId": "A6E7AD1F-26AA-4CBA-9162-7DFC0B09E620", "versionEndExcluding": "8.11.0", "versionStartIncluding": "8.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "matchCriteriaId": "8FC117F5-0B41-49F5-83DF-B830DEE95404", "versionEndExcluding": "9.10.0", "versionStartIncluding": "9.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get full code execution access."}, {"lang": "es", "value": "El inspector de Node.js, en versiones 6.x y siguientes, es vulnerable a un ataque de reenlace DNS que podr\u00eda explotarse para ejecutar c\u00f3digo de forma remota. El ataque es posible desde sitios web maliciosos abiertos en un navegador web en el mismo ordenador o desde otro ordenador con acceso de red al ordenador que ejecuta el proceso Node.js. Un sitio web malicioso podr\u00eda emplear un ataque de reenlace DNS para enga\u00f1ar al navegador web para que omita las comprobaciones de pol\u00edtica del mismo origen y para permitir conexiones HTTP al host local o a hosts en la red local. Si un proceso Node.js con el puerto de depuraci\u00f3n activo se est\u00e1 ejecutando en el host local o en un host en la red local, el sitio web malicioso podr\u00eda conectarse a \u00e9l como depurador y obtener acceso total de ejecuci\u00f3n de c\u00f3digo."}], "id": "CVE-2018-7160", "lastModified": "2024-11-21T04:11:42.010", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-05-17T14:29:00.827", "references": [{"source": "cve-request@iojs.org", "tags": ["Vendor Advisory"], "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/"}, {"source": "cve-request@iojs.org", "url": "https://support.f5.com/csp/article/K63025104?utm_source=f5support&amp%3Butm_medium=RSS"}, {"source": "cve-request@iojs.org", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.f5.com/csp/article/K63025104?utm_source=f5support&amp%3Butm_medium=RSS"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}], "sourceIdentifier": "cve-request@iojs.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-350"}], "source": "cve-request@iojs.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-290"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:2949", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs8-nodejs-0:8.11.4-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2018-10-18T00:00:00Z"}, {"advisory": "RHSA-2018:2949", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs8-nodejs-0:8.11.4-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS", "release_date": "2018-10-18T00:00:00Z"}, {"advisory": "RHSA-2018:2949", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs8-nodejs-0:8.11.4-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS", "release_date": "2018-10-18T00:00:00Z"}], "bugzilla": {"description": "nodejs: Inspector DNS rebinding vulnerability", "id": "1561979", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1561979"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.8", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L", "status": "verified"}, "cwe": "CWE-20", "details": ["The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get full code execution access.", "It was found that when a Node.js script is run in inspector mode, Node.js did not properly validate the Host header, leaving the inspector vulnerable to a DNS rebind attack and bypass same-origin policy. If a developer had an inspector session running, and was visiting a malicious website, the site could carry on a DNS rebind attack, allowing the site to have full access to the debugged script."], "name": "CVE-2018-7160", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "nodejs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:openshift:3", "fix_state": "Not affected", "package_name": "nodejs", "product_name": "Red Hat OpenShift Enterprise 3"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Not affected", "package_name": "rh-nodejs4-nodejs", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Will not fix", "package_name": "rh-nodejs6-nodejs", "product_name": "Red Hat Software Collections"}], "public_date": "2018-03-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-7160\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-7160"], "threat_severity": "Moderate", "upstream_fix": "nodejs 8.11.0, nodejs 6.14.0, nodejs 9.10.0"}