CVE-2021-20066 - Vulnerability Details - OpenCVE

JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Jsdom Project	Jsdom

Configuration 1 [-]

cpe:2.3:a:jsdom_project:jsdom:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/jsdom/jsdom/issues/3124#issuecomment-783502951
https://nvd.nist.gov/vuln/detail/CVE-2021-20066
https://www.cve.org/CVERecord?id=CVE-2021-20066
https://www.tenable.com/security/research/tra-2021-05

History

No history.

MITRE

Status: PUBLISHED

Assigner: tenable

Published: 2021-02-16T19:48:08

Updated: 2024-08-03T17:30:07.411Z

Reserved: 2020-12-17T00:00:00

Link: CVE-2021-20066

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-02-16T20:15:15.767

Modified: 2024-11-21T05:45:51.730

Link: CVE-2021-20066

Redhat

Severity : Moderate

Publid Date: 2021-02-16T00:00:00Z

Links: CVE-2021-20066 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "JSDom", "vendor": "n/a", "versions": [{"status": "affected", "version": "JSDom 16.4.0"}]}], "descriptions": [{"lang": "en", "value": "JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled."}], "problemTypes": [{"descriptions": [{"description": "Improper Access Control", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-29T08:45:45", "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.tenable.com/security/research/tra-2021-05"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/jsdom/jsdom/issues/3124#issuecomment-783502951"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2021-20066", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "JSDom", "version": {"version_data": [{"version_value": "JSDom 16.4.0"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Improper Access Control"}]}]}, "references": {"reference_data": [{"name": "https://www.tenable.com/security/research/tra-2021-05", "refsource": "MISC", "url": "https://www.tenable.com/security/research/tra-2021-05"}, {"name": "https://github.com/jsdom/jsdom/issues/3124#issuecomment-783502951", "refsource": "MISC", "url": "https://github.com/jsdom/jsdom/issues/3124#issuecomment-783502951"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T17:30:07.411Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.tenable.com/security/research/tra-2021-05"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/jsdom/jsdom/issues/3124#issuecomment-783502951"}]}]}, "cveMetadata": {"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "assignerShortName": "tenable", "cveId": "CVE-2021-20066", "datePublished": "2021-02-16T19:48:08", "dateReserved": "2020-12-17T00:00:00", "dateUpdated": "2024-08-03T17:30:07.411Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jsdom_project:jsdom:-:*:*:*:*:*:*:*", "matchCriteriaId": "C10B28FE-6B6A-461E-98FF-B4B1894F7302", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled."}, {"lang": "es", "value": "JSDom permite inapropiadamente la carga de recursos locales, lo que permite que los archivos locales sean manipulados por una p\u00e1gina web maliciosa cuando la ejecuci\u00f3n de script est\u00e1 habilitada"}], "id": "CVE-2021-20066", "lastModified": "2024-11-21T05:45:51.730", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.4, "source": "[email protected]", "type": "Primary"}]}, "published": "2021-02-16T20:15:15.767", "references": [{"source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://github.com/jsdom/jsdom/issues/3124#issuecomment-783502951"}, {"source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.tenable.com/security/research/tra-2021-05"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://github.com/jsdom/jsdom/issues/3124#issuecomment-783502951"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.tenable.com/security/research/tra-2021-05"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "jsdom: improper loading of local resources", "id": "1930915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930915"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.6", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "status": "draft"}, "cwe": "CWE-862", "details": ["JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.", "A flaw was found in jsdom. JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled."], "name": "CVE-2021-20066", "package_state": [{"cpe": "cpe:/a:redhat:service_mesh:2.0", "fix_state": "Not affected", "package_name": "kiali", "product_name": "OpenShift Service Mesh 2.0"}, {"cpe": "cpe:/a:redhat:service_mesh:2.0", "fix_state": "Will not fix", "package_name": "servicemesh-grafana", "product_name": "OpenShift Service Mesh 2.0"}, {"cpe": "cpe:/a:redhat:service_mesh:2.0", "fix_state": "Will not fix", "package_name": "servicemesh-prometheus", "product_name": "OpenShift Service Mesh 2.0"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "search-api", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "impact": "low", "package_name": "openshift4/ose-grafana", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "impact": "low", "package_name": "openshift4/ose-prometheus", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "impact": "low", "package_name": "openshift4/ose-thanos-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2021-02-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-20066\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-20066\nhttps://www.tenable.com/security/research/tra-2021-05"], "statement": "For an application which includes jsdom to be vulnerable to this CVE, it must at least enable the loading of resources using something similar to: `new JSDOM(html, {resources: \"usable\"}`, where `html` is un-trusted input. Furthermore, scripts can be executed by extending the options similar to: `new JSDOM(html, {resources: \"usable\", runScripts: \"dangerously\"}`. [1]\nOpenShift Container Platform (OCP) and OpenShift ServiceMesh (OSSM) both include components that package a vulnerable version of `jsdom`. However, none of the components directly enable the loading of resources via `resources: \"usable\"` and most components only include `jsdom` for use in tests. Hence for OCP and OSSM the affects are rated to have a Low impact and are wontfix at this time and might be fixed in a future release.\n[1] https://github.com/jsdom/jsdom#loading-subresources", "threat_severity": "Moderate"}