CVE-2022-21824

Published Feb 24, 2022

Last updated 2 years ago

Overview

Description: Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to.
Source: support@hackerone.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.2
Impact score: 4.2
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 6.4
Impact score: 4.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-1321
support@hackerone.com: CWE-471

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CE47ECC-681D-46DB-B46E-3A94D931A19C",
            "versionEndExcluding": "12.22.9",
            "versionStartIncluding": "12.0.0"
          },
          {
            "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79F6CBBF-22B7-4B71-9C3B-5F32B32B8271",
            "versionEndExcluding": "14.18.3",
            "versionStartIncluding": "14.0.0"
          },
          {
            "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E81EF2EF-0BD7-45D5-93B1-883DCDD67F03",
            "versionEndExcluding": "16.13.2",
            "versionStartIncluding": "16.0.0"
          },
          {
            "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9DF5B801-BC99-4F91-B350-C14A5998532C",
            "versionEndExcluding": "17.3.1",
            "versionStartIncluding": "17.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDB1E9C2-30CD-4DD2-BB9F-AF59B8DA9B9E",
            "versionEndIncluding": "8.0.29"
          },
          {
            "criteria": "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "727AE4B8-ECED-4942-B378-AC869D39D8D0",
            "versionEndIncluding": "8.0.28"
          },
          {
            "criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0EBAC6D-D0CE-42A1-AEA0-2D50C8035747",
            "versionEndIncluding": "8.0.29"
          },
          {
            "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09EB3F75-D06D-4418-913B-37DBF851EE45",
            "versionEndIncluding": "8.0.29"
          },
          {
            "criteria": "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7BDC629D-CC4C-4903-8A06-BF5823457996",
            "versionEndIncluding": "8.0.28"
          },
          {
            "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9"
          },
          {
            "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
          },
          {
            "criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3"
          },
          {
            "criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Configurations

References