← voltar
CVE-2021-22884

CVE-2021-22884

EPSS 32.4%CWE-350
Em resumo

Node.js confia indevidamente em "localhost6" como um endereço seguro, permitindo que atacantes que controlam o DNS enganem a aplicação para se conectar a servidores remotos. Isso burlá proteções contra ataques a serviços locais.

Detalhe técnico

Vulnerabilidade de rebinding DNS na validação da whitelist do Node.js: "localhost6" está na lista de confiança mas é resolvido via DNS quando ausente em /etc/hosts, permitindo ataques de rebinding baseados em rede. Um atacante controlando o DNS da vítima pode redirecionar "localhost6" para endereços IP arbitrários, contornando mitigações do CVE-2018-7160 e acessando recursos locais restritos.

Resumo gerado e traduzido por IA a partir da descrição oficial.
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the “localhost6” domain. As long as the attacker uses the “localhost6” domain, they can still apply the attack described in CVE-2018-7160.
Produtos afetados
NodeJS · Node

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdfhttps://hackerone.com/reports/1069487https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4FRS5ZVK4ZQ7XIJQNGIKUXG2DJFHLO7/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F45Y7TXSU33MTKB6AGL2Q5V5ZOCNPKOG/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSYFUGKFUSZ27M5TEZ3FKILWTWFJTFAZ/https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/#node-js-inspector-dns-rebinding-vulnerability-cve-2018-7160https://security.netapp.com/advisory/ntap-20210416-0001/https://security.netapp.com/advisory/ntap-20210723-0001/https://www.oracle.com/security-alerts/cpuApr2021.htmlhttps://www.oracle.com//security-alerts/cpujul2021.htmlhttps://www.oracle.com/security-alerts/cpuoct2021.html