Lucene search

[email protected]CVE-2016-3956

HistoryJul 02, 2016 - 2:59 p.m.

CVE-2016-3956

2016-07-0214:59:19

CWE-200

[email protected]

web.nvd.nist.gov

cve-2016-3956

cli

npm

node.js

http

security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.9%

JSON

The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12 before 0.12.13, 4 before 4.4.2, and 5 before 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by reading Authorization headers.

Affected configurations

NVD

Node

ibmsdkRange≤1.1.0.20nodejs

ibmsdkRange≤1.2.0.10nodejs

ibmsdkRange≤4.4.1.0nodejs

Node

nodejsnode.jsMatch0.10.0

nodejsnode.jsMatch0.10.1

nodejsnode.jsMatch0.10.2

nodejsnode.jsMatch0.10.3

nodejsnode.jsMatch0.10.4

nodejsnode.jsMatch0.10.5

nodejsnode.jsMatch0.10.6

nodejsnode.jsMatch0.10.7

nodejsnode.jsMatch0.10.8

nodejsnode.jsMatch0.10.9

nodejsnode.jsMatch0.10.10

nodejsnode.jsMatch0.10.11

nodejsnode.jsMatch0.10.12

nodejsnode.jsMatch0.10.13

nodejsnode.jsMatch0.10.14

nodejsnode.jsMatch0.10.15

nodejsnode.jsMatch0.10.16

nodejsnode.jsMatch0.10.16-isaacs-manual

nodejsnode.jsMatch0.10.17

nodejsnode.jsMatch0.10.18

nodejsnode.jsMatch0.10.19

nodejsnode.jsMatch0.10.20

nodejsnode.jsMatch0.10.21

nodejsnode.jsMatch0.10.22

nodejsnode.jsMatch0.10.23

nodejsnode.jsMatch0.10.24

nodejsnode.jsMatch0.10.25

nodejsnode.jsMatch0.10.26

nodejsnode.jsMatch0.10.27

nodejsnode.jsMatch0.10.28

nodejsnode.jsMatch0.10.29

nodejsnode.jsMatch0.10.30

nodejsnode.jsMatch0.10.31

nodejsnode.jsMatch0.10.32

nodejsnode.jsMatch0.10.33

nodejsnode.jsMatch0.10.34

nodejsnode.jsMatch0.10.35

nodejsnode.jsMatch0.10.36

nodejsnode.jsMatch0.10.37

nodejsnode.jsMatch0.10.38

nodejsnode.jsMatch0.10.39

nodejsnode.jsMatch0.10.40

nodejsnode.jsMatch0.10.41

nodejsnode.jsMatch0.12.0

nodejsnode.jsMatch0.12.1

nodejsnode.jsMatch0.12.2

nodejsnode.jsMatch0.12.3

nodejsnode.jsMatch0.12.4

nodejsnode.jsMatch0.12.5

nodejsnode.jsMatch0.12.6

nodejsnode.jsMatch0.12.7

nodejsnode.jsMatch0.12.8

nodejsnode.jsMatch0.12.9

nodejsnode.jsMatch4.0.0

nodejsnode.jsMatch4.1.0

nodejsnode.jsMatch4.1.1

nodejsnode.jsMatch4.1.2

nodejsnode.jsMatch4.2.0

nodejsnode.jsMatch4.2.1

nodejsnode.jsMatch4.2.2

nodejsnode.jsMatch4.2.3

nodejsnode.jsMatch4.2.4

nodejsnode.jsMatch4.2.5

nodejsnode.jsMatch4.2.6

nodejsnode.jsMatch4.3.0

nodejsnode.jsMatch4.3.1

nodejsnode.jsMatch4.3.1rc.1

nodejsnode.jsMatch4.3.1rc.2

nodejsnode.jsMatch4.3.2

nodejsnode.jsMatch4.4.0

nodejsnode.jsMatch4.4.0rc.1

nodejsnode.jsMatch4.4.0rc.2

nodejsnode.jsMatch4.4.0rc.3

nodejsnode.jsMatch4.4.0rc.4

nodejsnode.jsMatch4.4.1

nodejsnode.jsMatch5.0.0

nodejsnode.jsMatch5.1.0

nodejsnode.jsMatch5.1.1

nodejsnode.jsMatch5.2.0

nodejsnode.jsMatch5.3.0

nodejsnode.jsMatch5.4.0

nodejsnode.jsMatch5.4.1

nodejsnode.jsMatch5.5.0

nodejsnode.jsMatch5.6.0

nodejsnode.jsMatch5.7.0

nodejsnode.jsMatch5.7.1

nodejsnode.jsMatch5.8.0

nodejsnode.jsMatch5.8.1rc.1

nodejsnode.jsMatch5.9.0

nodejsnode.jsMatch5.9.1

Node

npmjsnpmRange<2.15.1

npmjsnpmRange3.0.0–3.8.3

CPENameOperatorVersion
ibm:sdkibm sdkle1.1.0.20
ibm:sdkibm sdkle1.2.0.10
ibm:sdkibm sdkle4.4.1.0

CPE	Name	Operator	Version
ibm:sdk	ibm sdk	le	1.1.0.20
ibm:sdk	ibm sdk	le	1.2.0.10
ibm:sdk	ibm sdk	le	4.4.1.0

References

blog.npmjs.org/post/142036323955/fixing-a-bearer-token-vulnerability

www-01.ibm.com/support/docview.wss?uid=swg21980827

github.com/npm/npm/commit/f67ecad59e99a03e5aad8e93cd1a086ae087cb29

github.com/npm/npm/commit/fea8cc92cee02c720b58f95f14d315507ccad401

github.com/npm/npm/issues/8380

nodejs.org/en/blog/vulnerability/npm-tokens-leak-march-2016/

Social References

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.9%

JSON

Related for CVE-2016-3956

ubuntu1 ibm5 nessus1 cvelist1 nodejs1 osv2 nvd2 github1 ubuntucve1 prion2 debiancve1 openvas1 cve1