CVE-2021-21275

The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of MediaWiki edit tokens.

CVSS v3 4.3 MEDIUM
CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://github.com/Kenny2github/Report/commit/f828dc6f73cdfaea5639edbf8ac7b326eeefb117	Patch Third Party Advisory
https://github.com/Kenny2github/Report/security/advisories/GHSA-9f3w-c334-jm2h	Patch Third Party Advisory
https://www.oracle.com//security-alerts/cpujul2021.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:report_project:report:*:*:*:*:*:mediawiki:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*
	cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:::::::*
	cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0:::::::*

History

No history.

Information

Published : 2021-01-25 23:15

Updated : 2024-02-28 18:08

NVD link : CVE-2021-21275

Mitre link : CVE-2021-21275

CVE.ORG link : CVE-2021-21275

JSON object : View

Products Affected

report_project

report

oracle

communications_cloud_native_core_network_slice_selection_function
communications_pricing_design_center

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2021-21275", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2021-01-25T23:15:11.887", "references": [{"url": "https://github.com/Kenny2github/Report/commit/f828dc6f73cdfaea5639edbf8ac7b326eeefb117", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/Kenny2github/Report/security/advisories/GHSA-9f3w-c334-jm2h", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://www.oracle.com//security-alerts/cpujul2021.html", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "The MediaWiki \"Report\" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of MediaWiki edit tokens."}, {"lang": "es", "value": "La extensi\u00f3n \"Report\" de MediaWiki presenta una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF). Antes de la versi\u00f3n corregida, no hab\u00eda protecci\u00f3n contra las comprobaciones de CSRF en Special:Report, por lo que las peticiones para reportar una revisi\u00f3n podr\u00edan ser falsificadas. El problema ha sido corregido en el commit f828dc6 al hacer uso de los tokens de edici\u00f3n de MediaWiki"}], "lastModified": "2022-04-26T14:45:10.577", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:report_project:report:*:*:*:*:*:mediawiki:*:*", "vulnerable": true, "matchCriteriaId": "E3403B6D-74B4-4DCB-ACE0-11BE197602A4", "versionEndExcluding": "2021-01-21"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADE6EF8F-1F05-429B-A916-76FDB20CEB81"}, {"criteria": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A28F42F0-FBDA-4574-AD30-7A04F27FEA3E"}, {"criteria": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "129CA55C-C770-4D42-BD17-9011F3AC93C4"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}