SB2022100714 - Multiple vulnerabilities in MediaWiki

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022100714

SB2022100714 - Multiple vulnerabilities in MediaWiki

Published: October 7, 2022

Security Bulletin ID SB2022100714
Severity
Medium
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Information disclosure

Breakdown by Severity

Medium 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2022-39191)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to OAuth debug log includes consumer secrets. A remote attacker can gain unauthorized access to sensitive information on the system.


2) Resource exhaustion (CVE-ID: CVE-2022-39194)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources within the community configuration pages for the GrowthExperiments extension. A remote administrator can trigger resource exhaustion and perform a denial of service (DoS) attack.


3) Information disclosure (CVE-ID: CVE-2022-39192)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to IP Info tool shows whether an IP is autoblocked. A remote attacker can unmas of users by correlation.


4) Improper access control (CVE-ID: CVE-2022-41344)

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote user can mark own article as reviewed if they use api.php?action=pagetriageaction.


5) Open redirect (CVE-ID: CVE-2022-41346)

The vulnerability allows a remote attacker to redirect victims to arbitrary URL.

The vulnerability exists due to improper sanitization of user-supplied data in the Special:OAuth/rest_redirect. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.

Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.


6) Improper access control (CVE-ID: CVE-2022-41345)

The vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to the blocked administrator can mark pages for translation.


Remediation

Install update from vendor's website.

References