CVE-2021-22884

Severity

88%

Complexity

27%

Confidentiality

98%

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the “localhost6” domain. As long as the attacker uses the “localhost6” domain, they can still apply the attack described in CVE-2018-7160.

CVSS 3.1 Base Score 8.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

CVSS 3.1 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).

CVSS 2.0 Base Score 5.1. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:P).

Overview

First reported 3 years ago

2021-03-03 18:15:00

Last updated 3 years ago

2021-12-08 20:15:00

Affected Software

Fedora 32

32

NetApp Active IQ Unified Manager for VMware vSphere

vmware_vsphere

NetApp Active IQ Unified Manager for Windows

windows

Oracle PeopleSoft Enterprise PeopleTools 8.58

8.58

References

https://hackerone.com/reports/1069487

https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/

https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/#node-js-inspector-dns-rebinding-vulnerability-cve-2018-7160

https://hackerone.com/reports/1069487

Exploit, Issue Tracking, Third Party Advisory

https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/

Release Notes, Vendor Advisory

https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/#node-js-inspector-dns-rebinding-vulnerability-cve-2018-7160

Release Notes, Vendor Advisory

FEDORA-2021-a760169c3c

FEDORA-2021-f6bd75e9d4

FEDORA-2021-a760169c3c

Mailing List, Third Party Advisory

FEDORA-2021-f6bd75e9d4

Mailing List, Third Party Advisory

FEDORA-2021-6aaba80ba2

FEDORA-2021-6aaba80ba2

Mailing List, Third Party Advisory

https://security.netapp.com/advisory/ntap-20210416-0001/

https://www.oracle.com/security-alerts/cpuApr2021.html

https://security.netapp.com/advisory/ntap-20210416-0001/

Third Party Advisory

https://www.oracle.com/security-alerts/cpuApr2021.html

Patch, Third Party Advisory

N/A

https://security.netapp.com/advisory/ntap-20210723-0001/

https://www.oracle.com/security-alerts/cpuoct2021.html

N/A

Patch, Third Party Advisory

https://security.netapp.com/advisory/ntap-20210723-0001/

Third Party Advisory

https://www.oracle.com/security-alerts/cpuoct2021.html

Patch, Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.