Vulnerability Details : CVE-2016-10526
A common setup to deploy to gh-pages on every commit via a CI system is to expose a github token to ENV and to use it directly in the auth part of the url. In module versions < 0.9.1 the auth portion of the url is outputted as part of the grunt tasks logging function. If this output is publicly available then the credentials should be considered compromised.
Products affected by CVE-2016-10526
- cpe:2.3:a:grunt-gh-pages_project:grunt-gh-pages:*:*:*:*:*:node.js:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-10526
0.15%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 51 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-10526
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
8.6
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N |
3.9
|
4.0
|
NIST |
CWE ids for CVE-2016-10526
-
Assigned by: nvd@nist.gov (Primary)
-
[PLANNED FOR DEPRECATION. SEE MAINTENANCE NOTES AND CONSIDER CWE-252, CWE-248, OR CWE-1069.] Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.Assigned by: support@hackerone.com (Secondary)
-
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-10526
-
https://github.com/tschaub/grunt-gh-pages/pull/41
fix: not logging auth part of repo url by boennemann · Pull Request #41 · tschaub/grunt-gh-pages · GitHubThird Party Advisory
-
https://nodesecurity.io/advisories/85
npmThird Party Advisory
Jump to