Multiple vulnerabilities in MediaWiki MediaWiki
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2019-12469 CVE-2019-12470 CVE-2019-12471 CVE-2019-12472 CVE-2019-12473 CVE-2019-12474 CVE-2019-12467 |
| CWE-ID | CWE-284 CWE-79 CWE-20 CWE-200 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #7 is available. |
| Vulnerable software |
MediaWiki Web applications / CMS |
| Vendor | MediaWiki.org |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Improper access control
EUVDB-ID: #VU30996
Risk: High
CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2019-12469
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to sensitive information.
The vulnerability exists due to improper access restrictions. A remote attacker can send a specially crafted request and gain unauthorized access to the affected application.
MitigationUpdate to version 1.32.2.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
CPE2.3- cpe:2.3:a:mediawiki_org:mediawiki:1.32.0:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki_org:mediawiki:1.32.1:*:*:*:*:*:*:*
https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
https://phabricator.wikimedia.org/T222036
https://seclists.org/bugtraq/2019/Jun/12
https://www.debian.org/security/2019/dsa-4460
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Improper access control
EUVDB-ID: #VU30997
Risk: High
CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2019-12470
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to sensitive information.
The vulnerability exists due to improper access restrictions. A remote attacker can send a specially crafted request and gain unauthorized access to the affected application.
MitigationUpdate to version 1.32.2.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
CPE2.3- cpe:2.3:a:mediawiki_org:mediawiki:1.32.0:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki_org:mediawiki:1.32.1:*:*:*:*:*:*:*
https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
https://phabricator.wikimedia.org/T222038
https://seclists.org/bugtraq/2019/Jun/12
https://www.debian.org/security/2019/dsa-4460
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Cross-site scripting
EUVDB-ID: #VU31006
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-12471
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Wikimedia MediaWiki 1.30.0 through 1.32.1 has XSS. Loading user JavaScript from a non-existent account allows anyone to create the account, and perform XSS on users loading that script. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
MitigationInstall update from vendor's website.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
CPE2.3- cpe:2.3:a:mediawiki_org:mediawiki:1.32.0:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki_org:mediawiki:1.32.1:*:*:*:*:*:*:*
https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
https://phabricator.wikimedia.org/T207603
https://seclists.org/bugtraq/2019/Jun/12
https://www.debian.org/security/2019/dsa-4460
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper access control
EUVDB-ID: #VU31007
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-12472
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through 1.32.1. It is possible to bypass the limits on IP range blocks ($wgBlockCIDRLimit) by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
MitigationInstall update from vendor's website.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
CPE2.3- cpe:2.3:a:mediawiki_org:mediawiki:1.32.0:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki_org:mediawiki:1.32.1:*:*:*:*:*:*:*
https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
https://phabricator.wikimedia.org/T199540
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU31008
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-12473
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Wikimedia MediaWiki 1.27.0 through 1.32.1 might allow DoS. Passing invalid titles to the API could cause a DoS by querying the entire watchlist table. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
MitigationInstall update from vendor's website.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
CPE2.3- cpe:2.3:a:mediawiki_org:mediawiki:1.32.0:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki_org:mediawiki:1.32.1:*:*:*:*:*:*:*
https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
https://phabricator.wikimedia.org/T204729
https://seclists.org/bugtraq/2019/Jun/12
https://www.debian.org/security/2019/dsa-4460
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Information disclosure
EUVDB-ID: #VU31009
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-12474
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Privileged API responses that include whether a recent change has been patrolled may be cached publicly. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
MitigationInstall update from vendor's website.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
CPE2.3- cpe:2.3:a:mediawiki_org:mediawiki:1.32.0:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki_org:mediawiki:1.32.1:*:*:*:*:*:*:*
https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
https://phabricator.wikimedia.org/T212118
https://seclists.org/bugtraq/2019/Jun/12
https://www.debian.org/security/2019/dsa-4460
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper access control
EUVDB-ID: #VU31016
Risk: High
CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2019-12467
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to sensitive information.
The vulnerability exists due to improper access restrictions. A remote attacker can send a specially crafted request and gain unauthorized access to the affected application.
MitigationUpdate to version 1.32.2.
Vulnerable software versionsMediaWiki: 1.32.0 - 1.32.1
CPE2.3- cpe:2.3:a:mediawiki_org:mediawiki:1.32.0:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki_org:mediawiki:1.32.1:*:*:*:*:*:*:*
https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
https://phabricator.wikimedia.org/T209794
https://seclists.org/bugtraq/2019/Jun/12
https://www.debian.org/security/2019/dsa-4460
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
