CVE-2021-22884
In short
Node.js improperly trusts "localhost6" as a safe address, allowing attackers who control DNS to trick the application into connecting to remote servers. This bypasses protections against attacks on local services.
Technical detail
DNS rebinding vulnerability in Node.js whitelist validation: "localhost6" is on the trusted list but is resolved via DNS when it is not present in /etc/hosts, enabling network-based rebinding attacks. An attacker who controls the victim's DNS can redirect "localhost6" to arbitrary IP addresses, bypassing the CVE-2018-7160 mitigations and accessing restricted local resources.
Summary generated and translated by AI from the official description.
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the “localhost6” domain. As long as the attacker uses the “localhost6” domain, they can still apply the attack described in CVE-2018-7160.
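The following exposure check is an added example, not code from Node.js or from this advisory. It combines the two conditions in the description above: a Node.js version older than the listed fixed releases, and no local "localhost6" entry in the hosts file. The function names and the sample hosts files are constructed for illustration, and treating release lines with no listed fix (older than 15.x) as affected is an assumption.

```javascript
// Fixed releases per release line, taken from the advisory text above.
const FIXED = { 10: [24, 0], 12: [21, 0], 14: [16, 0], 15: [10, 0] };

// True when `version` (e.g. "v14.15.4") predates the fix for its release line.
// Assumption: lines older than 15.x with no listed fix are treated as affected.
function isAffectedVersion(version) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(version);
  if (!m) throw new TypeError(`unparseable Node.js version: ${version}`);
  const [major, minor, patch] = m.slice(1).map(Number);
  if (major > 15) return false;
  const fix = FIXED[major];
  if (!fix) return true;
  return minor < fix[0] || (minor === fix[0] && patch < fix[1]);
}

// True when the hosts-file text maps `name` locally (comments are ignored).
function hostsDefines(hostsText, name) {
  return hostsText.split(/\r?\n/).some((line) => {
    const fields = line.replace(/#.*/, '').trim().split(/\s+/);
    // fields[0] is the address; the remaining fields are hostnames and aliases.
    return fields.slice(1).some((h) => h.toLowerCase() === name.toLowerCase());
  });
}

// dnsExposed: an affected runtime on a host where "localhost6" falls through to DNS.
function assess(version, hostsText) {
  const affected = isAffectedVersion(version);
  const localhost6Local = hostsDefines(hostsText, 'localhost6');
  return { affected, localhost6Local, dnsExposed: affected && !localhost6Local };
}

// Constructed sample hosts files (not taken from any real system).
const HOSTS_WITHOUT = '127.0.0.1 localhost\n::1 ip6-localhost ip6-loopback\n';
const HOSTS_WITH =
  '127.0.0.1 localhost\n::1 localhost localhost6 localhost6.localdomain6 # constructed\n';

console.log(assess('v14.15.4', HOSTS_WITHOUT));
console.log(assess('v14.15.4', HOSTS_WITH));
console.log(assess('v14.16.0', HOSTS_WITHOUT));
```

On a real host, pass `process.version` and the contents of /etc/hosts; an `affected` result means the runtime should be upgraded to one of the fixed releases regardless of the hosts file.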
Affected products
NodeJS · Node
References
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://hackerone.com/reports/1069487
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4FRS5ZVK4ZQ7XIJQNGIKUXG2DJFHLO7/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F45Y7TXSU33MTKB6AGL2Q5V5ZOCNPKOG/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSYFUGKFUSZ27M5TEZ3FKILWTWFJTFAZ/
https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/
https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/#node-js-inspector-dns-rebinding-vulnerability-cve-2018-7160
https://security.netapp.com/advisory/ntap-20210416-0001/
https://security.netapp.com/advisory/ntap-20210723-0001/
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html