CVE-2021-3757 - Vulnerability Details - OpenCVE

ReportizFlow

immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Immer Project	Immer
Redhat	Rhmt

Configuration 1 [-]

cpe:2.3:a:immer_project:immer:*:*:*:*:*:node.js:*:*

Package	CPE	Advisory	Released Date
Red Hat Migration Toolkit for Containers 1.5
rhmtc/openshift-migration-ui-rhel8:v1.5.2-6	cpe:/a:redhat:rhmt:1.5::el8	RHSA-2021:4848	2021-11-29T00:00:00Z

References

Link	Providers
https://github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237
https://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa
https://nvd.nist.gov/vuln/detail/CVE-2021-3757
https://www.cve.org/CVERecord?id=CVE-2021-3757

History

No history.

MITRE

Status: PUBLISHED

Assigner: @huntrdev

Published: 2021-09-02T12:06:26

Updated: 2024-08-03T17:09:09.144Z

Reserved: 2021-08-31T00:00:00

Link: CVE-2021-3757

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-09-02T12:15:07.617

Modified: 2024-11-21T06:22:21.100

Link: CVE-2021-3757

Redhat

Severity : Important

Publid Date: 2021-08-30T00:00:00Z

Links: CVE-2021-3757 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "immerjs/immer", "vendor": "immerjs", "versions": [{"lessThanOrEqual": "9.0.5", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')"}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1321", "description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-09-02T12:06:26", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa"}], "source": {"advisory": "23d38099-71cd-42ed-a77a-71e68094adfa", "discovery": "EXTERNAL"}, "title": "Prototype Pollution in immerjs/immer", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2021-3757", "STATE": "PUBLIC", "TITLE": "Prototype Pollution in immerjs/immer"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "immerjs/immer", "version": {"version_data": [{"version_affected": "<=", "version_value": "9.0.5"}]}}]}, "vendor_name": "immerjs"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')"}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237", "refsource": "MISC", "url": "https://github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237"}, {"name": "https://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa"}]}, "source": {"advisory": "23d38099-71cd-42ed-a77a-71e68094adfa", "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T17:09:09.144Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa"}]}]}, "cveMetadata": {"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2021-3757", "datePublished": "2021-09-02T12:06:26", "dateReserved": "2021-08-31T00:00:00", "dateUpdated": "2024-08-03T17:09:09.144Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:immer_project:immer:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "FA569641-1319-4F9F-B724-2D8F6C01676F", "versionEndIncluding": "9.0.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')"}, {"lang": "es", "value": "immer es vulnerable a una Modificaci\u00f3n Controlada Inapropiada de Atributos de Prototipos de Objetos (\"Contaminaci\u00f3n de Prototipos\")"}], "id": "CVE-2021-3757", "lastModified": "2024-11-21T06:22:21.100", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "[email protected]", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}]}, "published": "2021-09-02T12:15:07.617", "references": [{"source": "[email protected]", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237"}, {"source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1321"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-1321"}], "source": "[email protected]", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2021:4848", "cpe": "cpe:/a:redhat:rhmt:1.5::el8", "impact": "low", "package": "rhmtc/openshift-migration-ui-rhel8:v1.5.2-6", "product_name": "Red Hat Migration Toolkit for Containers 1.5", "release_date": "2021-11-29T00:00:00Z"}], "bugzilla": {"description": "nodejs-immer: prototype pollution may lead to DoS or remote code execution", "id": "2000734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000734"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-915", "details": ["immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", "A flaw was found in immer when manipulates object attributes such as _proto_, constructor and prototype. An attacker can manipulate these values by overwriting and polluting them. Those attributes would be inherited by JavaScript objects which could trigger exception handlers and leading into a denial of service attack."], "name": "CVE-2021-3757", "package_state": [{"cpe": "cpe:/a:redhat:service_mesh:1", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "servicemesh-grafana", "product_name": "OpenShift Service Mesh 1"}, {"cpe": "cpe:/a:redhat:service_mesh:1", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "servicemesh-prometheus", "product_name": "OpenShift Service Mesh 1"}, {"cpe": "cpe:/a:redhat:service_mesh:2.0", "fix_state": "Will not fix", "package_name": "servicemesh-grafana", "product_name": "OpenShift Service Mesh 2.0"}, {"cpe": "cpe:/a:redhat:service_mesh:2.0", "fix_state": "Will not fix", "package_name": "servicemesh-prometheus", "product_name": "OpenShift Service Mesh 2.0"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/console-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/kui-web-terminal-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/search-ui-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "impact": "low", "package_name": "openshift4/ose-grafana", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "impact": "low", "package_name": "openshift4/ose-prometheus", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "impact": "low", "package_name": "openshift4/ose-thanos-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2021-08-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-3757\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-3757\nhttps://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa"], "statement": "In OpenShift Container Platform (OCP) and OpenShift Migration Toolkit for Containers (MTC), the affected components are behind OpenShift OAuth authentication. This restricts access to the vulnerable nodejs-immer library to authenticated users only, therefore the impact is Low.", "threat_severity": "Important", "upstream_fix": "immer 9.0.6"}