Risk | High |
Patch available | YES |
Number of vulnerabilities | 7 |
CVE-ID | CVE-2019-12469 CVE-2019-12470 CVE-2019-12471 CVE-2019-12472 CVE-2019-12473 CVE-2019-12474 CVE-2019-12467 |
CWE-ID | CWE-284 CWE-79 CWE-20 CWE-200 |
Exploitation vector | Network |
Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #7 is available. |
Vulnerable software Subscribe |
MediaWiki Web applications / CMS |
Vendor | MediaWiki.org |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
EUVDB-ID: #VU30996
Risk: High
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-12469
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to sensitive information.
The vulnerability exists due to improper access restrictions. A remote attacker can send a specially crafted request and gain unauthorized access to the affected application.
MitigationUpdate to version 1.32.2.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
External linkshttp://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
http://phabricator.wikimedia.org/T222036
http://seclists.org/bugtraq/2019/Jun/12
http://www.debian.org/security/2019/dsa-4460
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU30997
Risk: High
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-12470
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to sensitive information.
The vulnerability exists due to improper access restrictions. A remote attacker can send a specially crafted request and gain unauthorized access to the affected application.
MitigationUpdate to version 1.32.2.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
External linkshttp://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
http://phabricator.wikimedia.org/T222038
http://seclists.org/bugtraq/2019/Jun/12
http://www.debian.org/security/2019/dsa-4460
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU31006
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-12471
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Wikimedia MediaWiki 1.30.0 through 1.32.1 has XSS. Loading user JavaScript from a non-existent account allows anyone to create the account, and perform XSS on users loading that script. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
MitigationInstall update from vendor's website.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
External linkshttp://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
http://phabricator.wikimedia.org/T207603
http://seclists.org/bugtraq/2019/Jun/12
http://www.debian.org/security/2019/dsa-4460
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU31007
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-12472
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through 1.32.1. It is possible to bypass the limits on IP range blocks ($wgBlockCIDRLimit) by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
MitigationInstall update from vendor's website.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
External linkshttp://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
http://phabricator.wikimedia.org/T199540
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU31008
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-12473
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Wikimedia MediaWiki 1.27.0 through 1.32.1 might allow DoS. Passing invalid titles to the API could cause a DoS by querying the entire watchlist table. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
MitigationInstall update from vendor's website.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
External linkshttp://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
http://phabricator.wikimedia.org/T204729
http://seclists.org/bugtraq/2019/Jun/12
http://www.debian.org/security/2019/dsa-4460
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU31009
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-12474
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Privileged API responses that include whether a recent change has been patrolled may be cached publicly. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
MitigationInstall update from vendor's website.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
External linkshttp://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
http://phabricator.wikimedia.org/T212118
http://seclists.org/bugtraq/2019/Jun/12
http://www.debian.org/security/2019/dsa-4460
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU31016
Risk: High
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-12467
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to sensitive information.
The vulnerability exists due to improper access restrictions. A remote attacker can send a specially crafted request and gain unauthorized access to the affected application.
MitigationUpdate to version 1.32.2.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
External linkshttp://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
http://phabricator.wikimedia.org/T209794
http://seclists.org/bugtraq/2019/Jun/12
http://www.debian.org/security/2019/dsa-4460
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.