CVE-2021-22883 HIGH

Published: 2021-03-03 | Last Modified: 2024-11-21 | Status: Modified

Description

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory.

Additional Descriptions (1)

Node.js versiones anteriores a 10.24.0, 12.21.0, 14.16.0 y 15.10.0, es vulnerable a un ataque de denegación de servicio cuando son establecidos demasiados intentos de conexión con un "unknownProtocol". Esto conlleva a una filtración de descriptores de archivos. Si es configurado un límite de descriptor de archivo en el sistema, entonces el servidor no puede aceptar nuevas conexiones e impide que el proceso también se abra, por ejemplo, un archivo. Si no es configurado ningún límite de descriptor de archivo, esto conllevará a un uso excesivo de la memoria y causará al sistema quedarse sin memoria

CVSS Metrics

Base Score: 7.5 (HIGH)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector	NETWORK
Attack Complexity	LOW
Privileges Required	NONE
User Interaction	NONE
Scope	UNCHANGED
Confidentiality Impact	NONE
Integrity Impact	NONE
Availability Impact	HIGH

Source: [email protected]

Type: Primary

Exploitability Score: 3.9

Impact Score: 3.6

Base Score: 7.8 (HIGH)

AV:N/AC:L/Au:N/C:N/I:N/A:C

Access Vector	NETWORK
Access Complexity	LOW
Authentication	NONE
Confidentiality Impact	NONE
Integrity Impact	NONE
Availability Impact	COMPLETE

Source: [email protected]

Type: Primary

Exploitability Score: 10.0

Impact Score: 6.9

Weaknesses

Source	Type	Description
[email protected]	Secondary	en CWE-400
[email protected]	Primary	en CWE-772

Affected Products

Vendor	Product	Version	Update	Type
nodejs	node.js	*	<built-in method update of dict object at 0x72a9cc7ede40>	Application
nodejs	node.js	*	<built-in method update of dict object at 0x72a9cc7ed040>	Application
nodejs	node.js	*	<built-in method update of dict object at 0x72a9cc7eec80>	Application
nodejs	node.js	*	<built-in method update of dict object at 0x72a9cc744c40>	Application
fedoraproject	fedora	32	<built-in method update of dict object at 0x72a9cc7ef6c0>	Operating System
fedoraproject	fedora	33	<built-in method update of dict object at 0x72a9cc7ee580>	Operating System
fedoraproject	fedora	34	<built-in method update of dict object at 0x72a9cc7ec300>	Operating System
netapp	e-series_performance_analyzer	-	<built-in method update of dict object at 0x72a9b0d8df80>	Application
oracle	graalvm	19.3.5	<built-in method update of dict object at 0x72a9cc7edf80>	Application
oracle	graalvm	20.3.1.2	<built-in method update of dict object at 0x72a9cc7ee200>	Application
oracle	graalvm	21.0.0.2	<built-in method update of dict object at 0x72a9cc7ed400>	Application
oracle	jd_edwards_enterpriseone_tools	*	<built-in method update of dict object at 0x72a9cc7ec240>	Application
oracle	mysql_cluster	*	<built-in method update of dict object at 0x72a9b0a752c0>	Application
oracle	nosql_database	*	<built-in method update of dict object at 0x72a9b0d8e900>	Application
oracle	peoplesoft_enterprise_peopletools	8.58	<built-in method update of dict object at 0x72a9b0a74300>	Application
oracle	peoplesoft_enterprise_peopletools	8.59	<built-in method update of dict object at 0x72a9b0d8e780>	Application
siemens	sinec_infrastructure_network_services	*	<built-in method update of dict object at 0x72a9cc7efc40>	Application

Affected Configurations

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:a:nodejs:node.js:::::lts:::*`
Yes	`cpe:2.3:a:nodejs:node.js:::::lts:::*`
Yes	`cpe:2.3:a:nodejs:node.js:::::lts:::*`
Yes	`cpe:2.3:a:nodejs:node.js:::::-:::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:fedoraproject:fedora:32:::::::*`
Yes	`cpe:2.3:o:fedoraproject:fedora:33:::::::*`
Yes	`cpe:2.3:o:fedoraproject:fedora:34:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:a:netapp:e-series_performance_analyzer:-:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:a:oracle:graalvm:19.3.5::::enterprise:::`
Yes	`cpe:2.3:a:oracle:graalvm:20.3.1.2::::enterprise:::`
Yes	`cpe:2.3:a:oracle:graalvm:21.0.0.2::::enterprise:::`
Yes	`cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools::::::::`
Yes	`cpe:2.3:a:oracle:mysql_cluster::::::::`
Yes	`cpe:2.3:a:oracle:nosql_database::::::::`
Yes	`cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:::::::*`
Yes	`cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:a:siemens:sinec_infrastructure_network_services::::::::`

References

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
Source: [email protected]

Patch Third Party Advisory
https://hackerone.com/reports/1043360
Source: [email protected]

Permissions Required Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4FRS5ZVK4ZQ7XIJQNGIKUXG2DJFHLO7/
Source: [email protected]
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F45Y7TXSU33MTKB6AGL2Q5V5ZOCNPKOG/
Source: [email protected]
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSYFUGKFUSZ27M5TEZ3FKILWTWFJTFAZ/
Source: [email protected]
https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/
Source: [email protected]

Patch Release Notes Vendor Advisory
https://security.netapp.com/advisory/ntap-20210416-0001/
Source: [email protected]

Third Party Advisory
https://www.oracle.com//security-alerts/cpujul2021.html
Source: [email protected]

Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html
Source: [email protected]

Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html
Source: [email protected]

Patch Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
Source: af854a3a-2127-422b-91ae-364da2661108

Patch Third Party Advisory
https://hackerone.com/reports/1043360
Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4FRS5ZVK4ZQ7XIJQNGIKUXG2DJFHLO7/
Source: af854a3a-2127-422b-91ae-364da2661108
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F45Y7TXSU33MTKB6AGL2Q5V5ZOCNPKOG/
Source: af854a3a-2127-422b-91ae-364da2661108
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSYFUGKFUSZ27M5TEZ3FKILWTWFJTFAZ/
Source: af854a3a-2127-422b-91ae-364da2661108
https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/
Source: af854a3a-2127-422b-91ae-364da2661108

Patch Release Notes Vendor Advisory
https://security.netapp.com/advisory/ntap-20210416-0001/
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://www.oracle.com//security-alerts/cpujul2021.html
Source: af854a3a-2127-422b-91ae-364da2661108

Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html
Source: af854a3a-2127-422b-91ae-364da2661108

Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html
Source: af854a3a-2127-422b-91ae-364da2661108

Patch Third Party Advisory