CVE-2016-5742

{"id": "CVE-2016-5742", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2017-01-23T21:59:01.783", "references": [{"url": "http://www.openwall.com/lists/oss-security/2016/06/22/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2016/06/22/5", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2016/06/22/6", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1036160", "source": "cve@mitre.org"}, {"url": "https://movabletype.org/news/2016/06/movable_type_626_and_613_released.html", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2016/06/22/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2016/06/22/5", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2016/06/22/6", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1036160", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://movabletype.org/news/2016/06/movable_type_626_and_613_released.html", "tags": ["Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in the XML-RPC interface in Movable Type Pro and Advanced 6.x before 6.1.3 and 6.2.x before 6.2.6 and Movable Type Open Source 5.2.13 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n SQL en la interfaz XML-RPC en Movable Type Pro y Advanced 6.x en versiones anteriores a 6.1.3 y 6.2.x en versiones anteriores a 6.2.6 y Movable Type Open Source 5.2.13 y versiones anteriores permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s de vectores no especificados."}], "lastModified": "2024-11-21T02:54:56.133", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sixapart:movable_type:6.0:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "46EBCB79-DD24-452C-8B54-A6ADF459C46D"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "99D6EEE2-8F5F-43D1-A9AF-DFCE59483FD5"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.1:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "6B1A1A8A-B47E-40F3-A07D-66AD8F2031E2"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.1:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "36435113-44FE-41C6-9EB6-DB603BB7E8DF"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.2:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "4801F84C-004D-437A-BC4A-45915B4228A1"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.2:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "CE664558-4896-4326-BC03-973A9B4EE59D"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.3:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "292405F1-4A82-4961-A4A1-F21F3AA6510D"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.3:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "FB43E3B1-A8CA-4F16-B034-F4E9321C2423"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.4:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "A485EFD7-255F-4BA2-9032-D96FB88C795B"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.4:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "8C0B7753-6DB3-4B01-9202-1D18596A135C"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.5:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "77DC2B82-8822-40AF-B8BF-0612BF3054FD"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.5:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "C27BAB0B-4489-4B2A-9251-F4F671906200"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.6:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "1FC6BA31-5FFE-4473-96EE-4BB376F073A7"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.6:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "CFEA0EB4-8666-4D07-899A-519A41AB1CD1"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.7:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "B60407F2-9F4C-4CE8-A2EE-CD526D5C682A"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.7:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "A5ADA8C6-E7EF-4B00-ABBB-50854ECEDFF2"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.8:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "08ADF3D9-7462-4577-AA03-F5A5D3BA8C8B"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.0.8:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "559A24DE-EBCD-4240-86E5-AD16F6BA6F39"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.1.0:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "05AADF42-D62C-4CD0-9581-4E29F3704E6C"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.1.0:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "53CA8349-8798-4A16-B13E-B72B62141B42"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.1.1:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "D0A60CE1-E1BB-4020-9B46-C4FBBB18189A"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.1.1:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "1BF4E7AD-CE6D-4F04-ABC9-286173C427B0"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.1.2:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "C0B57ADA-5C3D-4B1A-9361-806E1CEE20E6"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.1.2:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "FD38EA40-8ED0-4C96-BEF9-FB564C27E6FF"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.2.0:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "9B2AAB80-89F0-4DEC-BB2B-DB33CC98E979"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.2.0:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "437E1348-D432-4822-9FFD-437809CB0890"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.2.2:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "F191CFFC-795D-4123-80C0-FEA01517C3E0"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.2.2:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "BC863821-142E-4B2C-BBB3-A0E34898EEA4"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.2.4:*:*:*:advanced:*:*:*", "vulnerable": true, "matchCriteriaId": "D1C039F4-5CFE-4B49-AB61-BEC853587EFA"}, {"criteria": "cpe:2.3:a:sixapart:movable_type:6.2.4:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "4D86453C-13CC-4D7A-A937-D3F6E26ABD10"}, {"criteria": "cpe:2.3:a:sixapart:movable_type_open_source:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7C08602-329C-4506-BEFF-BF35BCDC7CB1", "versionEndIncluding": "5.2.13"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}