CVE-2019-17636 Information

Description

In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is "Mini-Browser", published as @theia/mini-browser on npmjs.com. For its own needs, this extension exposes an HTTP endpoint that allows reading the content of files on the host's filesystem given their path, without any restriction on the requester's origin. This design is vulnerable to remote exploitation through a DNS rebinding attack or a drive-by download of a carefully crafted exploit.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Reference

https://bugs.eclipse.org/bugs/show_bug.cgi?id=551747

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

8.1

Base Severity

HIGH
