cvelistv5 - CVE-2020-5576

CVE-2020-5576 (GCVE-0-2020-5576)

Vulnerability from cvelistv5 – Published: 2020-05-14 01:00 – Updated: 2024-08-04 08:30

Summary

Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to hijack the authentication of administrators via unspecified vectors.

Severity ?

No CVSS data available.

CWE

Cross-site request forgery

Assigner

jpcert

References

URL

Tags

	https://movabletype.org/news/2020/05/mt-730-660-6…	x_refsource_MISC
	https://jvn.jp/en/jp/JVN28806943/index.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Six Apart Ltd.	Movable Type	Affected: Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T08:30:24.817Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://movabletype.org/news/2020/05/mt-730-660-6312-released.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jvn.jp/en/jp/JVN28806943/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Movable Type",
          "vendor": "Six Apart Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to hijack the authentication of administrators via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Cross-site request forgery",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-14T01:00:21",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://movabletype.org/news/2020/05/mt-730-660-6312-released.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jvn.jp/en/jp/JVN28806943/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2020-5576",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Movable Type",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Six Apart Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to hijack the authentication of administrators via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Cross-site request forgery"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://movabletype.org/news/2020/05/mt-730-660-6312-released.html",
              "refsource": "MISC",
              "url": "https://movabletype.org/news/2020/05/mt-730-660-6312-released.html"
            },
            {
              "name": "https://jvn.jp/en/jp/JVN28806943/index.html",
              "refsource": "MISC",
              "url": "https://jvn.jp/en/jp/JVN28806943/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2020-5576",
    "datePublished": "2020-05-14T01:00:22",
    "dateReserved": "2020-01-06T00:00:00",
    "dateUpdated": "2024-08-04T08:30:24.817Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*\", \"versionEndIncluding\": \"1.29\", \"matchCriteriaId\": \"3D88132B-1FE5-42F9-8E06-84DC0FA31C46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sixapart:movable_type:*:*:*:*:premium:*:*:*\", \"versionEndIncluding\": \"1.29\", \"matchCriteriaId\": \"2005D2D5-4CA2-4644-9F87-B7DCA1EBF132\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sixapart:movable_type:*:*:*:*:-:*:*:*\", \"versionStartIncluding\": \"6.3\", \"versionEndIncluding\": \"6.3.11\", \"matchCriteriaId\": \"98A6AEB4-B75E-4759-AD1B-D87D410652E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*\", \"versionStartIncluding\": \"6.3\", \"versionEndIncluding\": \"6.3.11\", \"matchCriteriaId\": \"65955180-1085-4A67-9E96-AAAD69237E85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sixapart:movable_type:*:*:*:*:-:*:*:*\", \"versionStartIncluding\": \"6.5.0\", \"versionEndIncluding\": \"6.5.3\", \"matchCriteriaId\": \"00F5146E-F4DF-44CD-A5AC-F42191FCE558\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*\", \"versionStartIncluding\": \"6.5.0\", \"versionEndIncluding\": \"6.5.3\", \"matchCriteriaId\": \"62413AE4-54CE-4C8F-9CD3-8C6B5F118F85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sixapart:movable_type:*:*:*:*:*:aws:*:*\", \"versionStartIncluding\": \"7.0\", \"versionEndIncluding\": \"7.2.1\", \"matchCriteriaId\": \"5A47BEEF-E49C-4AB5-BCB1-7A46B3784C6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sixapart:movable_type:*:*:*:*:-:*:*:*\", \"versionStartIncluding\": \"7.0\", \"versionEndIncluding\": \"7.2.1\", \"matchCriteriaId\": \"5BE18A59-7288-4CB8-AFA0-C8CFAB9DCA09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*\", \"versionStartIncluding\": \"7.0\", \"versionEndIncluding\": \"7.2.1\", \"matchCriteriaId\": \"831E171A-BDA4-4181-B817-0D307B37D472\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to hijack the authentication of administrators via unspecified vectors.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de tipo cross-site request forgery (CSRF) en la serie Movable Type (Movable Type versiones 7 r.4606 (7.2.1) y anteriores (Movable Type versi\\u00f3n 7), Movable Type Advanced versiones 7 r.4606 (7.2.1) y anteriores (Movable Type Advanced versi\\u00f3n 7), Movable Type para AWS versiones 7 r.4606 (7.2.1) y anteriores (Movable Type para AWS versi\\u00f3n 7), Movable Type versiones 6.5.3 y anteriores (Movable Type versi\\u00f3n 6.5), Movable Type Advanced versiones 6.5.3 y anteriores (Movable Type Advanced versi\\u00f3n 6.5), Movable Type versiones 6.3.11 y anteriores (Movable Type versi\\u00f3n 6.3), Movable Type Advanced versiones 6.3.11 y anteriores (Movable Type versi\\u00f3n 6.3), Movable Type Premium versiones 1.29 y anteriores, y Movable Type Premium Advanced versiones 1.29 y anteriores), permite a atacantes remotos secuestrar la autenticaci\\u00f3n de administradores por medio de vectores no especificados.\"}]",
      "id": "CVE-2020-5576",
      "lastModified": "2024-11-21T05:34:18.183",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2020-05-14T02:15:11.407",
      "references": "[{\"url\": \"https://jvn.jp/en/jp/JVN28806943/index.html\", \"source\": \"vultures@jpcert.or.jp\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://movabletype.org/news/2020/05/mt-730-660-6312-released.html\", \"source\": \"vultures@jpcert.or.jp\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://jvn.jp/en/jp/JVN28806943/index.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://movabletype.org/news/2020/05/mt-730-660-6312-released.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "vultures@jpcert.or.jp",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-352\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-5576\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2020-05-14T02:15:11.407\",\"lastModified\":\"2024-11-21T05:34:18.183\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to hijack the authentication of administrators via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de tipo cross-site request forgery (CSRF) en la serie Movable Type (Movable Type versiones 7 r.4606 (7.2.1) y anteriores (Movable Type versi\u00f3n 7), Movable Type Advanced versiones 7 r.4606 (7.2.1) y anteriores (Movable Type Advanced versi\u00f3n 7), Movable Type para AWS versiones 7 r.4606 (7.2.1) y anteriores (Movable Type para AWS versi\u00f3n 7), Movable Type versiones 6.5.3 y anteriores (Movable Type versi\u00f3n 6.5), Movable Type Advanced versiones 6.5.3 y anteriores (Movable Type Advanced versi\u00f3n 6.5), Movable Type versiones 6.3.11 y anteriores (Movable Type versi\u00f3n 6.3), Movable Type Advanced versiones 6.3.11 y anteriores (Movable Type versi\u00f3n 6.3), Movable Type Premium versiones 1.29 y anteriores, y Movable Type Premium Advanced versiones 1.29 y anteriores), permite a atacantes remotos secuestrar la autenticaci\u00f3n de administradores por medio de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*\",\"versionEndIncluding\":\"1.29\",\"matchCriteriaId\":\"3D88132B-1FE5-42F9-8E06-84DC0FA31C46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sixapart:movable_type:*:*:*:*:premium:*:*:*\",\"versionEndIncluding\":\"1.29\",\"matchCriteriaId\":\"2005D2D5-4CA2-4644-9F87-B7DCA1EBF132\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sixapart:movable_type:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"6.3\",\"versionEndIncluding\":\"6.3.11\",\"matchCriteriaId\":\"98A6AEB4-B75E-4759-AD1B-D87D410652E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*\",\"versionStartIncluding\":\"6.3\",\"versionEndIncluding\":\"6.3.11\",\"matchCriteriaId\":\"65955180-1085-4A67-9E96-AAAD69237E85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sixapart:movable_type:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"6.5.0\",\"versionEndIncluding\":\"6.5.3\",\"matchCriteriaId\":\"00F5146E-F4DF-44CD-A5AC-F42191FCE558\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*\",\"versionStartIncluding\":\"6.5.0\",\"versionEndIncluding\":\"6.5.3\",\"matchCriteriaId\":\"62413AE4-54CE-4C8F-9CD3-8C6B5F118F85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sixapart:movable_type:*:*:*:*:*:aws:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndIncluding\":\"7.2.1\",\"matchCriteriaId\":\"5A47BEEF-E49C-4AB5-BCB1-7A46B3784C6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sixapart:movable_type:*:*:*:*:-:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndIncluding\":\"7.2.1\",\"matchCriteriaId\":\"5BE18A59-7288-4CB8-AFA0-C8CFAB9DCA09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndIncluding\":\"7.2.1\",\"matchCriteriaId\":\"831E171A-BDA4-4181-B817-0D307B37D472\"}]}]}],\"references\":[{\"url\":\"https://jvn.jp/en/jp/JVN28806943/index.html\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://movabletype.org/news/2020/05/mt-730-660-6312-released.html\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://jvn.jp/en/jp/JVN28806943/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://movabletype.org/news/2020/05/mt-730-660-6312-released.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GSD-2020-5576

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2020-5576

Aliases

CVE-2020-5576

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-5576",
    "description": "Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to hijack the authentication of administrators via unspecified vectors.",
    "id": "GSD-2020-5576"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-5576"
      ],
      "details": "Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to hijack the authentication of administrators via unspecified vectors.",
      "id": "GSD-2020-5576",
      "modified": "2023-12-13T01:22:03.738917Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vultures@jpcert.or.jp",
        "ID": "CVE-2020-5576",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Movable Type",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Six Apart Ltd."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to hijack the authentication of administrators via unspecified vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Cross-site request forgery"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://movabletype.org/news/2020/05/mt-730-660-6312-released.html",
            "refsource": "MISC",
            "url": "https://movabletype.org/news/2020/05/mt-730-660-6312-released.html"
          },
          {
            "name": "https://jvn.jp/en/jp/JVN28806943/index.html",
            "refsource": "MISC",
            "url": "https://jvn.jp/en/jp/JVN28806943/index.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.29",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:premium:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.29",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:-:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3.11",
                "versionStartIncluding": "6.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3.11",
                "versionStartIncluding": "6.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:-:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.5.3",
                "versionStartIncluding": "6.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.5.3",
                "versionStartIncluding": "6.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:*:aws:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.2.1",
                "versionStartIncluding": "7.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:-:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.2.1",
                "versionStartIncluding": "7.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.2.1",
                "versionStartIncluding": "7.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2020-5576"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to hijack the authentication of administrators via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://jvn.jp/en/jp/JVN28806943/index.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://jvn.jp/en/jp/JVN28806943/index.html"
            },
            {
              "name": "https://movabletype.org/news/2020/05/mt-730-660-6312-released.html",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://movabletype.org/news/2020/05/mt-730-660-6312-released.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-05-15T17:33Z",
      "publishedDate": "2020-05-14T02:15Z"
    }
  }
}

FKIE_CVE-2020-5576

Vulnerability from fkie_nvd - Published: 2020-05-14 02:15 - Updated: 2024-11-21 05:34

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
vultures@jpcert.or.jp	https://jvn.jp/en/jp/JVN28806943/index.html	Third Party Advisory, VDB Entry
vultures@jpcert.or.jp	https://movabletype.org/news/2020/05/mt-730-660-6312-released.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://jvn.jp/en/jp/JVN28806943/index.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://movabletype.org/news/2020/05/mt-730-660-6312-released.html	Vendor Advisory

Impacted products

Vendor	Product	Version
sixapart	movable_type	*
sixapart	movable_type	*
sixapart	movable_type	*
sixapart	movable_type	*
sixapart	movable_type	*
sixapart	movable_type	*
sixapart	movable_type	*
sixapart	movable_type	*
sixapart	movable_type	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*",
              "matchCriteriaId": "3D88132B-1FE5-42F9-8E06-84DC0FA31C46",
              "versionEndIncluding": "1.29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:premium:*:*:*",
              "matchCriteriaId": "2005D2D5-4CA2-4644-9F87-B7DCA1EBF132",
              "versionEndIncluding": "1.29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "98A6AEB4-B75E-4759-AD1B-D87D410652E6",
              "versionEndIncluding": "6.3.11",
              "versionStartIncluding": "6.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*",
              "matchCriteriaId": "65955180-1085-4A67-9E96-AAAD69237E85",
              "versionEndIncluding": "6.3.11",
              "versionStartIncluding": "6.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "00F5146E-F4DF-44CD-A5AC-F42191FCE558",
              "versionEndIncluding": "6.5.3",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*",
              "matchCriteriaId": "62413AE4-54CE-4C8F-9CD3-8C6B5F118F85",
              "versionEndIncluding": "6.5.3",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:*:aws:*:*",
              "matchCriteriaId": "5A47BEEF-E49C-4AB5-BCB1-7A46B3784C6B",
              "versionEndIncluding": "7.2.1",
              "versionStartIncluding": "7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "5BE18A59-7288-4CB8-AFA0-C8CFAB9DCA09",
              "versionEndIncluding": "7.2.1",
              "versionStartIncluding": "7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sixapart:movable_type:*:*:*:*:advanced:*:*:*",
              "matchCriteriaId": "831E171A-BDA4-4181-B817-0D307B37D472",
              "versionEndIncluding": "7.2.1",
              "versionStartIncluding": "7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to hijack the authentication of administrators via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de tipo cross-site request forgery (CSRF) en la serie Movable Type (Movable Type versiones 7 r.4606 (7.2.1) y anteriores (Movable Type versi\u00f3n 7), Movable Type Advanced versiones 7 r.4606 (7.2.1) y anteriores (Movable Type Advanced versi\u00f3n 7), Movable Type para AWS versiones 7 r.4606 (7.2.1) y anteriores (Movable Type para AWS versi\u00f3n 7), Movable Type versiones 6.5.3 y anteriores (Movable Type versi\u00f3n 6.5), Movable Type Advanced versiones 6.5.3 y anteriores (Movable Type Advanced versi\u00f3n 6.5), Movable Type versiones 6.3.11 y anteriores (Movable Type versi\u00f3n 6.3), Movable Type Advanced versiones 6.3.11 y anteriores (Movable Type versi\u00f3n 6.3), Movable Type Premium versiones 1.29 y anteriores, y Movable Type Premium Advanced versiones 1.29 y anteriores), permite a atacantes remotos secuestrar la autenticaci\u00f3n de administradores por medio de vectores no especificados."
    }
  ],
  "id": "CVE-2020-5576",
  "lastModified": "2024-11-21T05:34:18.183",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-05-14T02:15:11.407",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://jvn.jp/en/jp/JVN28806943/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://movabletype.org/news/2020/05/mt-730-660-6312-released.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://jvn.jp/en/jp/JVN28806943/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://movabletype.org/news/2020/05/mt-730-660-6312-released.html"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-3PQR-R447-F4MH

Vulnerability from github – Published: 2022-05-24 17:17 – Updated: 2022-05-24 17:17

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-5576"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-05-14T02:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to hijack the authentication of administrators via unspecified vectors.",
  "id": "GHSA-3pqr-r447-f4mh",
  "modified": "2022-05-24T17:17:57Z",
  "published": "2022-05-24T17:17:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5576"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/jp/JVN28806943/index.html"
    },
    {
      "type": "WEB",
      "url": "https://movabletype.org/news/2020/05/mt-730-660-6312-released.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

JVNDB-2020-000030

Vulnerability from jvndb - Published: 2020-05-13 17:59 - Updated:2020-05-13 17:59

Severity ?

6.3 (Medium) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Summary

Multiple vulnerabilities in Movable Type

Details

Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below. * HTML attribute value injection vulnerability (CWE-74) - CVE-2020-5574 * Cross-site scripting due to a flaw in processing multiple query strings (CWE-79) - CVE-2020-5575 * Cross-site request forgery (CWE-352) - CVE-2020-5576 * Unrestricted upload of file with specific extentions (CWE-434) - CVE-2020-5577 The following researchers reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. CVE-2020-5574, CVE-2020-5575, CVE-2020-5576 Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. CVE-2020-5577 Yuji Tounai of Mitsui Bussan Secure Directions, Inc.

References

Type

URL

	JVN	https://jvn.jp/en/jp/JVN28806943/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5574
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5575
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5576
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5577
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-5574
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-5575
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-5576
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-5577
	Cross-Site Request Forgery(CWE-352)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
	Cross-site Scripting(CWE-79)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
	No Mapping(CWE-Other)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

Six Apart, Ltd.

Movable Type

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000030.html",
  "dc:date": "2020-05-13T17:59+09:00",
  "dcterms:issued": "2020-05-13T17:59+09:00",
  "dcterms:modified": "2020-05-13T17:59+09:00",
  "description": "Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below. \r\n* HTML attribute value injection vulnerability (CWE-74) - CVE-2020-5574\r\n* Cross-site scripting due to a flaw in processing multiple query strings (CWE-79) - CVE-2020-5575\r\n* Cross-site request forgery (CWE-352) - CVE-2020-5576\r\n* Unrestricted upload of file with specific extentions (CWE-434) - CVE-2020-5577 \r\n\r\nThe following researchers reported these vulnerabilities to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.\r\n\r\nCVE-2020-5574, CVE-2020-5575, CVE-2020-5576\r\nToshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc.\r\n\r\nCVE-2020-5577\r\nYuji Tounai of Mitsui Bussan Secure Directions, Inc.",
  "link": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000030.html",
  "sec:cpe": {
    "#text": "cpe:/a:sixapart:movable_type",
    "@product": "Movable Type",
    "@vendor": "Six Apart, Ltd.",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "6.5",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
      "@version": "2.0"
    },
    {
      "@score": "6.3",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2020-000030",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN28806943/index.html",
      "@id": "JVN#28806943",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5574",
      "@id": "CVE-2020-5574",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5575",
      "@id": "CVE-2020-5575",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5576",
      "@id": "CVE-2020-5576",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5577",
      "@id": "CVE-2020-5577",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-5574",
      "@id": "CVE-2020-5574",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-5575",
      "@id": "CVE-2020-5575",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-5576",
      "@id": "CVE-2020-5576",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-5577",
      "@id": "CVE-2020-5577",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-352",
      "@title": "Cross-Site Request Forgery(CWE-352)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "Multiple vulnerabilities in Movable Type"
}

CNVD-2020-41506

Vulnerability from cnvd - Published: 2020-07-21

Title

Six Apart Movable Type跨站请求伪造漏洞

Description

Six Apart Movable Type（MT）是美国Six Apart公司的一套博客系统。该系统包括多用户、评论、引用和主题等功能。 Six Apart MT中存在跨站请求伪造漏洞。攻击者可利用该漏洞劫持用户身份，执行非法操作。

Severity

中

Patch Name

Six Apart Movable Type跨站请求伪造漏洞的补丁

Patch Description

Six Apart Movable Type（MT）是美国Six Apart公司的一套博客系统。该系统包括多用户、评论、引用和主题等功能。 Six Apart MT中存在跨站请求伪造漏洞。攻击者可利用该漏洞劫持用户身份，执行非法操作。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://movabletype.org/news/2020/05/mt-730-660-6312-released.html

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-5576

Impacted products

Name
['Six Apart Movable Type Advanced <=7 r.4602', 'Six Apart Movable Type <=7 r.4606 7.2.1', 'Six Apart Movable Type <=6.5.3', 'Six Apart Movable Type <=6.3.11', 'Six Apart Movable Type Advanced <=6.5.3', 'Six Apart Movable Type Advanced <=6.3.11', 'Six Apart Movable Type for AWS <=7 r.4606 7.2.1', 'Six Apart Movable Type Premium <=1.29', 'Six Apart Movable Type Premium Advanced <=1.29']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-5576"
    }
  },
  "description": "Six Apart Movable Type\uff08MT\uff09\u662f\u7f8e\u56fdSix Apart\u516c\u53f8\u7684\u4e00\u5957\u535a\u5ba2\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u5305\u62ec\u591a\u7528\u6237\u3001\u8bc4\u8bba\u3001\u5f15\u7528\u548c\u4e3b\u9898\u7b49\u529f\u80fd\u3002\n\nSix Apart MT\u4e2d\u5b58\u5728\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u52ab\u6301\u7528\u6237\u8eab\u4efd\uff0c\u6267\u884c\u975e\u6cd5\u64cd\u4f5c\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://movabletype.org/news/2020/05/mt-730-660-6312-released.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-41506",
  "openTime": "2020-07-21",
  "patchDescription": "Six Apart Movable Type\uff08MT\uff09\u662f\u7f8e\u56fdSix Apart\u516c\u53f8\u7684\u4e00\u5957\u535a\u5ba2\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u5305\u62ec\u591a\u7528\u6237\u3001\u8bc4\u8bba\u3001\u5f15\u7528\u548c\u4e3b\u9898\u7b49\u529f\u80fd\u3002\r\n\r\nSix Apart MT\u4e2d\u5b58\u5728\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u52ab\u6301\u7528\u6237\u8eab\u4efd\uff0c\u6267\u884c\u975e\u6cd5\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Six Apart Movable Type\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Six Apart Movable Type Advanced \u003c=7 r.4602",
      "Six Apart Movable Type \u003c=7 r.4606 7.2.1",
      "Six Apart Movable Type \u003c=6.5.3",
      "Six Apart Movable Type \u003c=6.3.11",
      "Six Apart Movable Type Advanced \u003c=6.5.3",
      "Six Apart Movable Type Advanced \u003c=6.3.11",
      "Six Apart Movable Type for AWS \u003c=7 r.4606 7.2.1",
      "Six Apart Movable Type Premium \u003c=1.29",
      "Six Apart Movable Type Premium Advanced \u003c=1.29"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-5576",
  "serverity": "\u4e2d",
  "submitTime": "2020-05-15",
  "title": "Six Apart Movable Type\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-5576 (GCVE-0-2020-5576)

GSD-2020-5576

FKIE_CVE-2020-5576

GHSA-3PQR-R447-F4MH

JVNDB-2020-000030

CNVD-2020-41506

Tags

Sightings

Nomenclature