Vulnerability Details : CVE-2021-43786
NodeBB is an open source Node.js based forum software. In affected versions, incorrect logic in the token verification step unintentionally allowed master token access to the API. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible.
Vulnerability category: Bypass; Gain privilege
Products affected by CVE-2021-43786
- cpe:2.3:a:nodebb:nodebb:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-43786
0.21% probability of exploitation activity in the next 30 days
EPSS Score History
~ 59 % percentile (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2021-43786
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N | 10.0 | 2.9 | NIST | |
7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 | NIST | |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | GitHub, Inc. | |
CWE ids for CVE-2021-43786
- When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. Assigned by: security-advisories@github.com (Primary)
References for CVE-2021-43786
- https://github.com/NodeBB/NodeBB/security/advisories/GHSA-hf2m-j98r-4fqw : API token verification can be bypassed · Advisory · NodeBB/NodeBB · GitHub (Third Party Advisory)
- https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/ : NodeBB 1.18.4 - Remote Code Execution With One Shot (Exploit; Third Party Advisory)
- https://github.com/NodeBB/NodeBB/releases/tag/v1.18.5 : Release v1.18.5 · NodeBB/NodeBB · GitHub (Release Notes; Third Party Advisory)
- https://github.com/NodeBB/NodeBB/commit/04dab1d550cdebf4c1567bca9a51f8b9ca48a500 : fix: token verify · NodeBB/NodeBB@04dab1d · GitHub (Patch; Third Party Advisory)