Main Vulnerability Database SB2023033113

SB2023033113 - Multiple vulnerabilities in MediaWiki

Published: March 31, 2023 Updated: July 6, 2023

Security Bulletin ID SB2023033113

Severity

Medium

Patch available

YES

Number of vulnerabilities 3

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Information disclosure (CVE-ID: CVE-2023-29141)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to way application handles the X-Forwarded-For header. A remote attacker can use the X-Forwarded-For header to brute-force the autoblocked IP addresses.

2) Improper Authentication (CVE-ID: N/A)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in OATHAuth implementation. A remote attacker can perform a replay attack when MediaWiki is configured without ObjectCache.

3) Incorrect regular expression (CVE-ID: CVE-2020-36649)

The vulnerability allows a remote attacker to perform regular expression denial of service (ReDoS) attack.

The vulnerability exists due to usage of a very complex regular expression in papaparse.js. A remote attacker can pass specially crafted input to the application and consume extensive system resources, resulting in a denial of service condition.

Remediation

Install update from vendor's website.

References

https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/6UQBHI5FWLATD7QO7DI4YS54U7XSSLAN/