CVE-2018-7160 : The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remo

The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get full code execution access.

Published 2018-05-17 14:29:01

Updated 2022-08-16 13:01:01

Source Node.js

View at NVD, CVE.org

Vulnerability category: Execute code

Exploit prediction scoring system (EPSS) score for CVE-2018-7160

Probability of exploitation activity in the next 30 days: 3.26%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 91 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2018-7160

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2018-7160

CWE-290 Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

Assigned by: nvd@nist.gov (Primary)
CWE-350 Reliance on Reverse DNS Resolution for a Security-Critical Action

The product performs reverse DNS resolution on an IP address to obtain the hostname and make a security decision, but it does not properly ensure that the IP address is truly associated with the hostname.

Assigned by: cve-request@iojs.org (Secondary)

References for CVE-2018-7160

https://support.f5.com/csp/article/K63025104?utm_source=f5support&utm_medium=RSS

Third Party Advisory
https://www.oracle.com//security-alerts/cpujul2021.html

Oracle Critical Patch Update Advisory - July 2021
Third Party Advisory

CVEs referencing this url
https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/

March 2018 Security Releases | Node.js
Vendor Advisory

CVEs referencing this url

Products affected by CVE-2018-7160

Nodejs » Node.js »
Versions from including (>=) 8.0.0 and up to, including, (<=) 8.8.1
cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
Matching versions
Nodejs » Node.js »
Versions from including (>=) 9.0.0 and before (<) 9.10.0
cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
Matching versions
Nodejs » Node.js » LTS Edition
Versions from including (>=) 8.9.0 and before (<) 8.11.0
cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
Matching versions
Nodejs » Node.js » LTS Edition
Versions from including (>=) 6.9.0 and before (<) 6.14.0
cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
Matching versions
Nodejs » Node.js »
Versions from including (>=) 6.0.0 and up to, including, (<=) 6.8.1
cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
Matching versions

Vulnerability Details : CVE-2018-7160

Exploit prediction scoring system (EPSS) score for CVE-2018-7160

CVSS scores for CVE-2018-7160

CWE ids for CVE-2018-7160

References for CVE-2018-7160

Products affected by CVE-2018-7160