CVE-2021-21372

Description

Nimble is a package manager for the Nim programming language. In Nim release version before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a malicious entry in the packages.json package list to trigger code execution.

Related CPE's

a nim-lang nim ********

References

https://github.com/nim-lang/nimble/blob/master/changelog.markdown#0130

Release NotesThird Party Advisory

https://github.com/nim-lang/security/security/advisories/GHSA-rg9f-w24h-962p

Third Party Advisory

https://github.com/nim-lang/nimble/commit/7bd63d504a4157b8ed61a51af47fb086ee818c37

PatchThird Party Advisory

https://consensys.net/diligence/vulnerabilities/nim-insecure-ssl-tls-defaults-remote-code-execution/

ExploitThird Party Advisory

CvssV3 impact

BaseSeverity	HIGH
ConfidentialityImpact	HIGH
AttackComplexity	LOW
Scope	UNCHANGED
AttackVector	NETWORK
AvailabilityImpact	HIGH
IntegrityImpact	HIGH
PrivilegesRequired	NONE
BaseScore	8.8
VectorString	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Version	3.1
UserInteraction	REQUIRED

CvssV2 impact

AccessComplexity	MEDIUM
ConfidentialityImpact	PARTIAL
AvailabilityImpact	PARTIAL
IntegrityImpact	PARTIAL
BaseScore	6.800000190734863
VectorString	AV:N/AC:M/Au:N/C:P/I:P/A:P
Version	2.0
AccessVector	NETWORK
Authentication	NONE

Created by Yello

About Severity.io