CVE-2018-6849 - OpenCVE

In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Duckduckgo	Duckduckgo

Configuration 1 [-]

cpe:2.3:a:duckduckgo:duckduckgo:4.2.0:*:*:*:*:*:*:*

References

Link	Resource
https://datarift.blogspot.com/p/private-ip-leakage-using-webrtc.html	Third Party Advisory
https://github.com/rapid7/metasploit-framework/pull/9538	Issue Tracking Third Party Advisory
https://news.ycombinator.com/item?id=16699270	Third Party Advisory
https://voidsec.com/vpn-leak/	Third Party Advisory
https://www.exploit-db.com/exploits/44403/	Exploit Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2018-04-01T18:00:00

Updated: 2018-04-07T09:57:01

Reserved: 2018-02-08T00:00:00

Link: CVE-2018-6849

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-04-01T18:29:00.227

Modified: 2018-05-15T13:09:14.087

Link: CVE-2018-6849

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-04-01T00:00:00", "descriptions": [{"lang": "en", "value": "In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-04-07T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/rapid7/metasploit-framework/pull/9538"}, {"tags": ["x_refsource_MISC"], "url": "https://voidsec.com/vpn-leak/"}, {"name": "44403", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/44403/"}, {"tags": ["x_refsource_MISC"], "url": "https://news.ycombinator.com/item?id=16699270"}, {"tags": ["x_refsource_MISC"], "url": "https://datarift.blogspot.com/p/private-ip-leakage-using-webrtc.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-6849", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/rapid7/metasploit-framework/pull/9538", "refsource": "MISC", "url": "https://github.com/rapid7/metasploit-framework/pull/9538"}, {"name": "https://voidsec.com/vpn-leak/", "refsource": "MISC", "url": "https://voidsec.com/vpn-leak/"}, {"name": "44403", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/44403/"}, {"name": "https://news.ycombinator.com/item?id=16699270", "refsource": "MISC", "url": "https://news.ycombinator.com/item?id=16699270"}, {"name": "https://datarift.blogspot.com/p/private-ip-leakage-using-webrtc.html", "refsource": "MISC", "url": "https://datarift.blogspot.com/p/private-ip-leakage-using-webrtc.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-6849", "datePublished": "2018-04-01T18:00:00", "dateReserved": "2018-02-08T00:00:00", "dateUpdated": "2018-04-07T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:duckduckgo:duckduckgo:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E3B50A5D-541B-4CAD-A816-00A072D8F99F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request."}, {"lang": "es", "value": "En el componente WebRTC en DuckDuckGo 4.2.0, despu\u00e9s de visitar una p\u00e1gina web que intenta recolectar toda la informaci\u00f3n del cliente (como https://ip.voidsec.com), el navegador puede mostrar la direcci\u00f3n IP privada en una petici\u00f3n STUN."}], "id": "CVE-2018-6849", "lastModified": "2018-05-15T13:09:14.087", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-04-01T18:29:00.227", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://datarift.blogspot.com/p/private-ip-leakage-using-webrtc.html"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/rapid7/metasploit-framework/pull/9538"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://news.ycombinator.com/item?id=16699270"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://voidsec.com/vpn-leak/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/44403/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}