A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. The attack complexity is high. However, the crypto.setEngine() API can be used to bypass the permission model when called with a compatible OpenSSL engine. The OpenSSL engine can, for example, disable the permission model in the host process by manipulating the process's stack memory to locate the permission model Permission::enabled_ in the host process's heap memory. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
Metrics
Affected Vendors & Products
References
History
Wed, 27 Nov 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2023-06-30T23:40:08.238Z
Updated: 2024-11-27T18:27:25.453Z
Reserved: 2023-04-13T01:00:12.086Z
Link: CVE-2023-30586
Vulnrichment
Updated: 2024-08-02T14:28:51.808Z
NVD
Status : Modified
Published: 2023-07-01T00:15:10.247
Modified: 2024-11-21T08:00:28.153
Link: CVE-2023-30586
Redhat