CVE Vulnerability

CVE-2021-4247

A vulnerability has been found in OWASP NodeGoat and classified as problematic. This vulnerability affects unknown code of the file app/routes/research.js of the component Query Parameter Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The name of the patch is 4a4d1db74c63fb4ff8d366551c3af006c25ead12. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216184.

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://vuldb.com/?id.216184 Permissions Required Third Party Advisory
https://github.com/OWASP/NodeGoat/issues/225 Exploit Patch
https://github.com/OWASP/NodeGoat/commit/4a4d1db74c63fb4ff8d366551c3af006c25ead12 Patch Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:owasp:nodegoat:*:*:*:*:*:*:*:*
Information

Published : 2022-12-18 08:15

Updated : 2022-12-22 06:37

NVD link : CVE-2021-4247

Mitre link : CVE-2021-4247

Products Affected
No products.
CWE
CWE-404