Vulnerability Name: CVE-2023-23918 (CCN-247698) Assigned: 2023-02-16 Published: 2023-02-16 Updated: 2023-03-16 Summary: Node.js could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when enable the experimental permissions option with --experimental-policy. By sending a specially-crafted request using process.mainModule.require(), an attacker could exploit this vulnerability to bypass Permissions and access non authorized modules. CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): NoneAvailibility (A): None
6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): HighAvailibility (A): None
CVSS v2 Severity: 6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:C/A:N Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): Single_InstanceImpact Metrics: Confidentiality (C): NoneIntegrity (I): CompleteAvailibility (A): None
Vulnerability Consequences: Bypass Security References: Source: MITRECVE-2023-23918 nodejs-cve202323918-sec-bypass(247698) Thursday February 16 2023 Security Releases support@hackerone.com support@hackerone.com Multiple vulnerabilities in IBM SDK for Node.js and packaged modules affect IBM Business Automation Workflow Configuration Editor Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.10 and earlier Vulnerability in Node.js affects IBM Voice Gateway IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Node.js IBM Planning Analytics Workspace is affected by vulnerabilities in Node,js (CVE-2022-43548, CVE-2020-7676, CVE-2021-42550, CVE-2021-38561, CVE-2022-32149) Multiple vulnerabilities affect IBM Db2 Graph IBM App Connect Enterprise Certified Container operands may be vulnerable to security restriction bypasss due to [CVE-2023-23918] IBM Cloud Pak for Security includes components with multiple known vulnerabilities IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Node.js Vulnerabilities in cURL libcurl, PostgreSQL, PyPI cryptography, Node.js can affect IBM Spectrum Protect Plus Multiple vulnerabilities affect IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data Vulnerable Configuration: Configuration CCN 1 :cpe:/a:nodejs:node.js:14.0:*:*:*:*:*:*:* AND cpe:/a:ibm:spectrum_protect_plus:10.1.0:*:*:*:*:*:*:* OR cpe:/a:ibm:planning_analytics:2.0:*:*:*:*:*:*:* OR cpe:/a:ibm:voice_gateway:1.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:voice_gateway:1.0.3:*:*:*:*:*:*:* OR cpe:/a:ibm:cloud_transformation_advisor:2.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:voice_gateway:1.0.2.4:*:*:*:*:*:*:* OR cpe:/a:ibm:voice_gateway:1.0.4:*:*:*:*:*:*:* OR cpe:/a:ibm:voice_gateway:1.0.5:*:*:*:*:*:*:* OR cpe:/a:ibm:voice_gateway:1.0.6:*:*:*:*:*:*:* OR cpe:/a:ibm:voice_gateway:1.0.7:*:*:*:*:*:*:* OR cpe:/a:ibm:business_automation_workflow:20.0.0.1:*:*:*:traditional:*:*:* OR cpe:/a:ibm:business_automation_workflow:20.0.0.2:*:*:*:traditional:*:*:* OR cpe:/a:ibm:business_automation_workflow:21.0.1:*:*:*:traditional:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.1:*:*:*:*:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.2:*:*:*:*:*:*:* OR cpe:/a:ibm:business_automation_workflow:22.0.1:*:*:*:traditional:*:*:* OR cpe:/a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:business_automation_workflow:21.0.3.1:*:*:*:traditional:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.0:*:*:*:lts:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.1:*:*:*:*:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.2:*:*:*:*:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:6.0:*:*:*:*:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:6.1:*:*:*:*:*:*:* OR cpe:/a:ibm:business_automation_workflow:22.0.2:*:*:*:traditional:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:6.2:*:*:*:*:*:*:* BACK
nodejs node.js 14.0
ibm spectrum protect plus 10.1.0
ibm planning analytics 2.0
ibm voice gateway 1.0.2
ibm voice gateway 1.0.3
ibm cloud transformation advisor 2.0.1
ibm voice gateway 1.0.2.4
ibm voice gateway 1.0.4
ibm voice gateway 1.0.5
ibm voice gateway 1.0.6
ibm voice gateway 1.0.7
ibm business automation workflow 20.0.0.1
ibm business automation workflow 20.0.0.2
ibm business automation workflow 21.0.1
ibm app connect enterprise certified container 4.1
ibm app connect enterprise certified container 4.2
ibm business automation workflow 22.0.1
ibm cloud pak for security 1.10.0.0
ibm business automation workflow 21.0.3.1
ibm app connect enterprise certified container 5.0
ibm app connect enterprise certified container 5.1
ibm app connect enterprise certified container 5.2
ibm app connect enterprise certified container 6.0
ibm app connect enterprise certified container 6.1
ibm business automation workflow 22.0.2
ibm app connect enterprise certified container 6.2
Denotes that component is vulnerable