CVE-2022-29823

Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://csirt.divd.nl/CVE-2022-29823/	Third Party Advisory
https://csirt.divd.nl/DIVD-2022-00020	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:feathersjs:feathers-sequelize:*:*:*:*:*:node.js:*:*

History

No history.

Information

Published : 2022-10-26 10:15

Updated : 2024-01-02 19:15

NVD link : CVE-2022-29823

Mitre link : CVE-2022-29823

CVE.ORG link : CVE-2022-29823

JSON object : View

Products Affected

feathersjs

feathers-sequelize

CWE

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

{"id": "CVE-2022-29823", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "csirt@divd.nl", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.9}]}, "published": "2022-10-26T10:15:16.190", "references": [{"url": "https://csirt.divd.nl/CVE-2022-29823/", "tags": ["Third Party Advisory"], "source": "csirt@divd.nl"}, {"url": "https://csirt.divd.nl/DIVD-2022-00020", "tags": ["Third Party Advisory"], "source": "csirt@divd.nl"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-1321"}]}, {"type": "Secondary", "source": "csirt@divd.nl", "description": [{"lang": "en", "value": "CWE-1321"}]}], "descriptions": [{"lang": "en", "value": "Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application."}, {"lang": "es", "value": "El m\u00e9todo cleanQuery de Feather-Sequalize usa una l\u00f3gica recursiva no segura para filtrar las claves no soportadas del objeto de consulta. Esto resulta en una ejecuci\u00f3n de c\u00f3digo remota (RCE) con privilegios de la aplicaci\u00f3n"}], "lastModified": "2024-01-02T19:15:09.513", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:feathersjs:feathers-sequelize:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "D774E13F-E66A-4F0B-9AE2-55671506913E", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "csirt@divd.nl"}