PT-2018-6092 · Npm · Node-Opensl

Published

2018-06-07

Updated

2019-10-09

CVE-2017-16064

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: node-openssl versions all

Description: The node-openssl package is a piece of malware designed to steal environment variables and send them to attacker-controlled locations. All versions of the package have been unpublished from the npm registry. If the package is found installed, the primary concern is determining how it was installed.

Recommendations: Delete the node-openssl package Clear the npm cache Ensure the package is not present in any other package.json files on the system Regenerate registry credentials, tokens, and any other sensitive credentials that may have been exposed via environment variables Review services that may have been exposed via credentials in environment variables, such as databases, for indicators of compromise

Fix

RCE

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-506CWE-200

Related Identifiers

CVE-2017-16064

GHSA-J68R-23HJ-XF9C

Affected Products

Node-Opensl

PT-2018-6092 · Npm · Node-Opensl

CVE-2017-16064

Weakness Enumeration

Related Identifiers

Affected Products

References · 5