NodeBB up to 2.8.10 Socket.IO Message eventName.startsWith/eventName.toString unexpected data type
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.3 | $0-$5k | 0.00 |
Summary
A vulnerability was found in NodeBB up to 2.8.10 and classified as problematic. Affected is the function eventName.startsWith/eventName.toString of the component Socket.IO Message Handler. The manipulation results in improper handling of unexpected data type.
This vulnerability was named CVE-2023-30591. The attack may be performed from remote. There is no available exploit.
Applying a patch is advised to resolve this issue.
Details
A vulnerability, which was classified as problematic, was found in NodeBB up to 2.8.10. Affected is the function eventName.startsWith/eventName.toString of the component Socket.IO Message Handler. The manipulation with an unknown input leads to a improper handling of unexpected data type vulnerability. CWE is classifying the issue as CWE-241. The product does not handle or incorrectly handles when a particular element is not the expected type, e.g. it expects a digit (0-9) but is provided with a letter (A-Z). This is going to have an impact on availability. CVE summarizes:
Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking `eventName.startsWith()` or `eventName.toString()`, while processing Socket.IO messages via crafted Socket.IO messages containing array or object type for the event name respectively.
The weakness was presented 09/29/2023. The advisory is shared for download at starlabs.sg. This vulnerability is traded as CVE-2023-30591 since 04/13/2023. There are known technical details, but no exploit is available.
Applying the patch 37b48b82a4bc7680c6e4c42647209010cb239c2c is able to eliminate this problem. The bugfix is ready for download at github.com.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Product
Name
Version
License
Website
- Product: https://github.com/NodeBB/NodeBB/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.4VulDB Meta Temp Score: 6.3
VulDB Base Score: 5.3
VulDB Temp Score: 5.1
VulDB Vector: 🔍
VulDB Reliability: 🔍
CNA Base Score: 7.5
CNA Vector (STAR Labs SG Pte. Ltd.): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Improper handling of unexpected data typeCWE: CWE-241 / CWE-229 / CWE-20
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
0-Day Time: 🔍
Patch: 37b48b82a4bc7680c6e4c42647209010cb239c2c
Timeline
04/13/2023 🔍09/29/2023 🔍
09/29/2023 🔍
10/22/2023 🔍
Sources
Product: github.comAdvisory: 37b48b82a4bc7680c6e4c42647209010cb239c2c
Status: Confirmed
CVE: CVE-2023-30591 (🔍)
GCVE (CVE): GCVE-0-2023-30591
GCVE (VulDB): GCVE-100-240888
Entry
Created: 09/29/2023 08:41Updated: 10/22/2023 10:23
Changes: 09/29/2023 08:41 (50), 10/22/2023 10:23 (1)
Complete: 🔍
Cache ID: 216::103
VulDB is the best source for vulnerability data and more expert information about this specific topic.
No comments yet. Languages: en.
Please log in to comment.