#VU52764 Cleartext transmission of sensitive information in nim - CVE-2021-21373

Cybersecurity Help s.r.o.

Published: 2021-04-29

Vulnerability identifier: #VU52764

Vulnerability risk: High

CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2021-21373

CWE-ID: CWE-319

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
nim
Universal components / Libraries / Programming Languages & Components

Vendor: nim-lang.org

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to "nimble refresh" tries to fetch a list of Nimble packages over HTTP connection in case HTTPS connection fails. A remote attacker can perform MitM attack and deliver a modified package list containing malicious software packages

Mitigation
Install updates from vendor's website.

Vulnerable software versions

nim: 1.2.0 - 1.4.2

External links
https://consensys.net/diligence/vulnerabilities/nim-insecure-ssl-tls-defaults-remote-code-execution/
https://github.com/nim-lang/nimble/blob/master/changelog.markdown#0130
https://github.com/nim-lang/security/security/advisories/GHSA-8w52-r35x-rgp8

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Arch Linux update for nimble

Multiple vulnerabilities in Nim programming languag