Vulnerability-Lookup

CNVD-2023-08773

Vulnerability from cnvd - Published: 2023-02-14

Title

WordPress Zoho Activity Log输入验证错误漏洞

Description

WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress Zoho Activity Log存在输入验证错误漏洞，该漏洞源于组件HTTP Header Handler的未知代码，攻击者可利用该漏洞通过对参数X-Forwarded-For的操作导致错误的日志输出中和。

Severity

中

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://wordpress.org/plugins/aryo-activity-log/

Reference

https://drive.google.com/file/d/1x-pgK3_-uS7NWfkEt_tk4Wc9FhXk-pYX/view

Impacted products

Name
WordPress Zoho Activity Log

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2022-3941",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-3941"
    }
  },
  "description": "WordPress\u548cWordPress plugin\u90fd\u662fWordPress\u57fa\u91d1\u4f1a\u7684\u4ea7\u54c1\u3002WordPress\u662f\u4e00\u5957\u4f7f\u7528PHP\u8bed\u8a00\u5f00\u53d1\u7684\u535a\u5ba2\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u652f\u6301\u5728PHP\u548cMySQL\u7684\u670d\u52a1\u5668\u4e0a\u67b6\u8bbe\u4e2a\u4eba\u535a\u5ba2\u7f51\u7ad9\u3002WordPress plugin\u662f\u4e00\u4e2a\u5e94\u7528\u63d2\u4ef6\u3002\n\nWordPress Zoho Activity Log\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7ec4\u4ef6HTTP Header Handler\u7684\u672a\u77e5\u4ee3\u7801\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u5bf9\u53c2\u6570X-Forwarded-For\u7684\u64cd\u4f5c\u5bfc\u81f4\u9519\u8bef\u7684\u65e5\u5fd7\u8f93\u51fa\u4e2d\u548c\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://wordpress.org/plugins/aryo-activity-log/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-08773",
  "openTime": "2023-02-14",
  "products": {
    "product": "WordPress Zoho Activity Log"
  },
  "referenceLink": "https://drive.google.com/file/d/1x-pgK3_-uS7NWfkEt_tk4Wc9FhXk-pYX/view",
  "serverity": "\u4e2d",
  "submitTime": "2022-11-16",
  "title": "WordPress Zoho Activity Log\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2022-3941 (GCVE-0-2022-3941)

Vulnerability from cvelistv5 – Published: 2022-11-11 00:00 – Updated: 2024-08-03 01:27

Title

Activity Log Plugin HTTP Header neutralization for logs

Summary

A vulnerability has been found in Activity Log Plugin and classified as critical. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213448.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-707 - Improper Neutralization -> CWE-74 Injection -> CWE-117 Improper Output Neutralization for Logs

Assigner

VulDB

References

URL

Tags

	https://drive.google.com/file/d/1YNOLomPC95rRvtk0…
	https://drive.google.com/file/d/1x-pgK3_-uS7NWfkE…
	https://vuldb.com/?id.213448

Impacted products

	Vendor	Product	Version
	unspecified	Activity Log Plugin	Affected: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:27:53.074Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://drive.google.com/file/d/1YNOLomPC95rRvtk0topUhStVIa7Y8lcq/view"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://drive.google.com/file/d/1x-pgK3_-uS7NWfkEt_tk4Wc9FhXk-pYX/view"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://vuldb.com/?id.213448"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Activity Log Plugin",
          "vendor": "unspecified",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been found in Activity Log Plugin and classified as critical. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213448."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-707",
              "description": "CWE-707 Improper Neutralization -\u003e CWE-74 Injection -\u003e CWE-117 Improper Output Neutralization for Logs",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-11T00:00:00.000Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "url": "https://drive.google.com/file/d/1YNOLomPC95rRvtk0topUhStVIa7Y8lcq/view"
        },
        {
          "url": "https://drive.google.com/file/d/1x-pgK3_-uS7NWfkEt_tk4Wc9FhXk-pYX/view"
        },
        {
          "url": "https://vuldb.com/?id.213448"
        }
      ],
      "title": "Activity Log Plugin HTTP Header neutralization for logs",
      "x_generator": "vuldb.com"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2022-3941",
    "datePublished": "2022-11-11T00:00:00.000Z",
    "dateReserved": "2022-11-11T00:00:00.000Z",
    "dateUpdated": "2024-08-03T01:27:53.074Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2023-08773

CVE-2022-3941 (GCVE-0-2022-3941)

Tags

Sightings

Nomenclature