ID CVE-2018-12120
Summary Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with `node --debug` or `node debug`, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the debug port and evaluate arbitrary JavaScript. The default interface is now localhost. It has always been possible to start the debugger on a specific interface, such as `node --debug=localhost`. The debugger was removed in Node.js 8 and replaced with the inspector, so no versions from 8 and later are vulnerable.
References
Vulnerable Configurations
  • cpe:2.3:a:nodejs:node.js:6.0.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.0.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.1.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.1.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.2.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.2.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.2.1:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.2.1:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.2.2:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.2.2:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.3.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.3.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.3.1:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.3.1:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.4.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.4.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.5.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.5.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.6.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.6.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.7.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.7.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.8.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.8.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.8.1:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.8.1:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.9.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.9.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.9.1:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.9.1:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.9.2:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.9.2:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.9.3:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.9.3:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.9.4:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.9.4:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.9.5:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.9.5:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.10.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.10.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.10.1:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.10.1:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.10.2:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.10.2:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.10.3:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.10.3:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.11.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.11.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.11.1:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.11.1:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.11.2:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.11.2:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.11.3:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.11.3:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.11.4:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.11.4:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.11.5:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.11.5:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.12.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.12.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.12.1:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.12.1:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.12.2:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.12.2:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.12.3:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.12.3:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.13.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.13.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.13.1:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.13.1:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.14.0:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.14.0:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.14.1:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.14.1:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.14.2:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.14.2:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.14.3:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.14.3:*:*:*:lts:*:*:*
  • cpe:2.3:a:nodejs:node.js:6.14.4:*:*:*:lts:*:*:*
    cpe:2.3:a:nodejs:node.js:6.14.4:*:*:*:lts:*:*:*
CVSS
Base: 6.8 (as of 06-09-2022 - 18:00)
Impact:
Exploitability:
CWE CWE-829
CAPEC
  • Force Use of Corrupted Files
    This describes an attack where an application is forced to use a file that an attacker has corrupted. The result is often a denial of service caused by the application being unable to process the corrupted file, but other results, including the disabling of filters or access controls (if the application fails in an unsafe way rather than failing by locking down) or buffer overflows are possible.
  • Code Inclusion
    An adversary exploits a weakness on the target to force arbitrary code to be retrieved locally or from a remote location and executed. This differs from code injection in that code injection involves the direct inclusion of code while code inclusion involves the addition or replacement of a reference to a code file, which is subsequently loaded by the target and used as part of the code of some application.
  • DTD Injection
    An attacker injects malicious content into an application's DTD in an attempt to produce a negative technical impact. DTDs are used to describe how XML documents are processed. Certain malformed DTDs (for example, those with excessive entity expansion as described in CAPEC 197) can cause the XML parsers that process the DTDs to consume excessive resources resulting in resource depletion.
  • PHP Local File Inclusion
    The attacker loads and executes an arbitrary local PHP file on a target machine. The attacker could use this to try to load old versions of PHP files that have known vulnerabilities, to load PHP files that the attacker placed on the local machine during a prior attack, or to otherwise change the functionality of the targeted application in unexpected ways.
  • Local Code Inclusion
    The attacker forces an application to load arbitrary code files from the local machine. The attacker could use this to try to load old versions of library files that have known vulnerabilities, to load files that the attacker placed on the local machine during a prior attack, or to otherwise change the functionality of the targeted application in unexpected ways.
  • Local Execution of Code
    An adversary installs and executes malicious code on the target system in an effort to achieve a negative technical impact. Examples include rootkits, ransomware, spyware, adware, and others.
  • Remote Code Inclusion
    The attacker forces an application to load arbitrary code files from a remote location. The attacker could use this to try to load old versions of library files that have known vulnerabilities, to load malicious files that the attacker placed on the remote machine, or to otherwise change the functionality of the targeted application in unexpected ways.
  • XML Entity Linking
    An attacker creates an XML document that contains an external entity reference. External entity references can take the form of <!ENTITY name system "uri"> tags in a DTD. Because processors may not validate documents with external entities, there may be no checks on the nature of the reference in the external entity. This can allow an attacker to open arbitrary files or connections.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 106040
confirm https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
Last major update 06-09-2022 - 18:00
Published 28-11-2018 - 17:29
Last modified 06-09-2022 - 18:00
Back to Top