CVE-2021-43788 - OpenCVE

Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected `languages/` directory. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Nodebb	Nodebb

Configuration 1 [-]

cpe:2.3:a:nodebb:nodebb:*:*:*:*:*:*:*:*

References

Link	Resource
https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/	Exploit Third Party Advisory
https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f	Patch Third Party Advisory
https://github.com/NodeBB/NodeBB/releases/tag/v1.18.5	Release Notes Third Party Advisory
https://github.com/NodeBB/NodeBB/security/advisories/GHSA-pfj7-2qfw-vwgm	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-11-29T19:35:12

Updated: 2022-09-13T20:52:38

Reserved: 2021-11-16T00:00:00

Link: CVE-2021-43788

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-11-29T20:15:08.253

Modified: 2022-10-27T19:32:51.133

Link: CVE-2021-43788

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"containers": {"cna": {"affected": [{"product": "NodeBB", "vendor": "NodeBB", "versions": [{"status": "affected", "version": ">= 1.0.4, < 1.18.5"}]}], "descriptions": [{"lang": "en", "value": "Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected `languages/` directory. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-13T20:52:38", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/NodeBB/NodeBB/releases/tag/v1.18.5"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-pfj7-2qfw-vwgm"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f"}, {"tags": ["x_refsource_MISC"], "url": "https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/"}], "source": {"advisory": "GHSA-pfj7-2qfw-vwgm", "discovery": "UNKNOWN"}, "title": "Path traversal in translator module of NobeBB", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-43788", "STATE": "PUBLIC", "TITLE": "Path traversal in translator module of NobeBB"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "NodeBB", "version": {"version_data": [{"version_value": ">= 1.0.4, < 1.18.5"}]}}]}, "vendor_name": "NodeBB"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected `languages/` directory. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/NodeBB/NodeBB/releases/tag/v1.18.5", "refsource": "MISC", "url": "https://github.com/NodeBB/NodeBB/releases/tag/v1.18.5"}, {"name": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-pfj7-2qfw-vwgm", "refsource": "CONFIRM", "url": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-pfj7-2qfw-vwgm"}, {"name": "https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f", "refsource": "MISC", "url": "https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f"}, {"name": "https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/", "refsource": "MISC", "url": "https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/"}]}, "source": {"advisory": "GHSA-pfj7-2qfw-vwgm", "discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-43788", "datePublished": "2021-11-29T19:35:12", "dateReserved": "2021-11-16T00:00:00", "dateUpdated": "2022-09-13T20:52:38", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nodebb:nodebb:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B0118EF-AB2D-420C-A454-405F2058F38A", "versionEndIncluding": "1.18.4", "versionStartIncluding": "1.0.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected `languages/` directory. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible."}, {"lang": "es", "value": "Nodebb es un software de foro de c\u00f3digo abierto basado en Node.js. En versiones anteriores a v1.18.5, se presentaba una vulnerabilidad de salto de ruta que permit\u00eda a usuarios acceder a archivos JSON fuera del directorio esperado \"languages/\". La vulnerabilidad ha sido parcheada a partir de la versi\u00f3n v1.18.5. Se aconseja a usuarios que actualicen lo antes posible"}], "id": "CVE-2021-43788", "lastModified": "2022-10-27T19:32:51.133", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-11-29T20:15:08.253", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f"}, {"source": "security-advisories@github.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/NodeBB/NodeBB/releases/tag/v1.18.5"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-pfj7-2qfw-vwgm"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}