SB2012061703 - Multiple vulnerabilities in mantisbt.sourceforge.net MantisBT

Published: June 17, 2012 Updated: August 11, 2020

Security Bulletin ID: SB2012061703
Severity: Medium
Patch available: YES
Number of vulnerabilities: 2
Exploitation vector: Remote access
Highest impact: Data manipulation

Breakdown by Severity

Medium 50%, Low 50%

Description

This security bulletin contains information about 2 security vulnerabilities.


1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2012-2691)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The mc_issue_note_update function in the SOAP API in MantisBT before 1.2.11 does not properly check privileges, which allows remote attackers with bug reporting privileges to edit arbitrary bugnotes via a SOAP request.


2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2012-2692)

The vulnerability allows a remote authenticated user to manipulate or delete data.

MantisBT before 1.2.11 does not check the delete_attachments_threshold permission when form_security_validation is set to OFF, which allows remote authenticated users with certain privileges to bypass intended access restrictions and delete arbitrary attachments.


Remediation

Install the update from the vendor's website.