CVE-2021-43788 - OpenCVE

Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected `languages/` directory. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Nodebb	Nodebb

Configuration 1 [-]

cpe:2.3:a:nodebb:nodebb:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/
https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f
https://github.com/NodeBB/NodeBB/releases/tag/v1.18.5
https://github.com/NodeBB/NodeBB/security/advisories/GHSA-pfj7-2qfw-vwgm

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-11-29T19:35:12

Updated: 2024-08-04T04:03:08.978Z

Reserved: 2021-11-16T00:00:00

Link: CVE-2021-43788

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-11-29T20:15:08.253

Modified: 2022-10-27T19:32:51.133

Link: CVE-2021-43788

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "NodeBB", "vendor": "NodeBB", "versions": [{"status": "affected", "version": ">= 1.0.4, < 1.18.5"}]}], "descriptions": [{"lang": "en", "value": "Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected `languages/` directory. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-13T20:52:38", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/NodeBB/NodeBB/releases/tag/v1.18.5"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-pfj7-2qfw-vwgm"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f"}, {"tags": ["x_refsource_MISC"], "url": "https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/"}], "source": {"advisory": "GHSA-pfj7-2qfw-vwgm", "discovery": "UNKNOWN"}, "title": "Path traversal in translator module of NobeBB", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-43788", "STATE": "PUBLIC", "TITLE": "Path traversal in translator module of NobeBB"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "NodeBB", "version": {"version_data": [{"version_value": ">= 1.0.4, < 1.18.5"}]}}]}, "vendor_name": "NodeBB"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected `languages/` directory. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/NodeBB/NodeBB/releases/tag/v1.18.5", "refsource": "MISC", "url": "https://github.com/NodeBB/NodeBB/releases/tag/v1.18.5"}, {"name": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-pfj7-2qfw-vwgm", "refsource": "CONFIRM", "url": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-pfj7-2qfw-vwgm"}, {"name": "https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f", "refsource": "MISC", "url": "https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f"}, {"name": "https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/", "refsource": "MISC", "url": "https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/"}]}, "source": {"advisory": "GHSA-pfj7-2qfw-vwgm", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T04:03:08.978Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/NodeBB/NodeBB/releases/tag/v1.18.5"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-pfj7-2qfw-vwgm"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-43788", "datePublished": "2021-11-29T19:35:12", "dateReserved": "2021-11-16T00:00:00", "dateUpdated": "2024-08-04T04:03:08.978Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nodebb:nodebb:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B0118EF-AB2D-420C-A454-405F2058F38A", "versionEndIncluding": "1.18.4", "versionStartIncluding": "1.0.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected `languages/` directory. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible."}, {"lang": "es", "value": "Nodebb es un software de foro de c\u00f3digo abierto basado en Node.js. En versiones anteriores a v1.18.5, se presentaba una vulnerabilidad de salto de ruta que permit\u00eda a usuarios acceder a archivos JSON fuera del directorio esperado \"languages/\". La vulnerabilidad ha sido parcheada a partir de la versi\u00f3n v1.18.5. Se aconseja a usuarios que actualicen lo antes posible"}], "id": "CVE-2021-43788", "lastModified": "2022-10-27T19:32:51.133", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-11-29T20:15:08.253", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://blog.sonarsource.com/nodebb-remote-code-execution-with-one-shot/"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/NodeBB/NodeBB/commit/c8b2fc46dc698db687379106b3f01c71b80f495f"}, {"source": "security-advisories@github.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/NodeBB/NodeBB/releases/tag/v1.18.5"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/NodeBB/NodeBB/security/advisories/GHSA-pfj7-2qfw-vwgm"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}