CVE-2016-10567

{"id": "CVE-2016-10567", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2018-05-29T20:29:00.923", "references": [{"url": "https://nodesecurity.io/advisories/171", "tags": ["Third Party Advisory"], "source": "support@hackerone.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-310"}]}, {"type": "Secondary", "source": "support@hackerone.com", "description": [{"lang": "en", "value": "CWE-311"}]}], "descriptions": [{"lang": "en", "value": "product-monitor is a HTML/JavaScript template for monitoring a product by encouraging product developers to gather all the information about the status of a product, including live monitoring, statistics, endpoints, and test results into one place. product-monitor versions below 2.2.5 download JavaScript resources over HTTP, which leaves the module vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested JavaScript file with an attacker controlled JavaScript file if the attacker is on the network or positioned in between the user and the remote server."}, {"lang": "es", "value": "product-monitor es una plantilla HTML/JavaScript para monitorizar un producto animando a los desarrolladores del producto para que re\u00fanan toda la informaci\u00f3n sobre el estado de un proyecto, incluyendo la monitorizaci\u00f3n en directo, estad\u00edsticas, endpoints y resultados de tests en el mismo sitio. Las versiones anteriores a la 2.2.5 de product-monitor descargan recursos JavaScript por HTTP, lo que lo deja vulnerable a ataques MITM. Podr\u00eda ser posible provocar la ejecuci\u00f3n remota de c\u00f3digo (RCE) cambiando el archivo JavaScript solicitado por otro controlado por el atacante si \u00e9ste est\u00e1 en la red o posicionado entre el usuario y el servidor remoto."}], "lastModified": "2019-10-09T23:16:47.887", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:product-monitor_project:product-monitor:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "0AEA18A6-ED53-48C5-AD34-FC8C04F70974", "versionEndExcluding": "2.2.5"}], "operator": "OR"}]}], "sourceIdentifier": "support@hackerone.com"}