FKIE_CVE-2024-29897
Vulnerability from fkie_nvd - Published: 2024-03-28 14:15 - Updated: 2024-11-21 09:08
Severity: MEDIUM (CVSS v3.1 base score 4.9; vector CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)
Summary
CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. It is possible for users with (delete) or (suppressrevision) on any wiki in the farm to access suppressed wiki requests by going to the request's entry on Special:RequestWikiQueue on the wiki where they have these rights. The same vulnerability was present briefly on the REST API before being quickly corrected in commit `6bc0685`. To our knowledge, the vulnerable commits of the REST API are not running in production anywhere. This vulnerability is fixed in 23415c17ffb4832667c06abcf1eadadefd4c8937.
References
- https://github.com/miraheze/CreateWiki/security/advisories/GHSA-4rcf-3cj2-46mq
- https://github.com/miraheze/mw-config/commit/fb3e68bcef459e9cf2a415241b28042a6c9727e8
- https://issue-tracker.miraheze.org/F3093343
- https://issue-tracker.miraheze.org/T11999
Impacted products
| Vendor | Product | Version |
|---|---|---|
{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "CreateWiki is Miraheze\u0027s MediaWiki extension for requesting \u0026 creating wikis. It is possible for users with (delete) or (suppressrevision) on any wiki in the farm to access suppressed wiki requests by going to the request\u0027s entry on Special:RequestWikiQueue on the wiki where they have these rights. The same vulnerability was present briefly on the REST API before being quickly corrected in commit `6bc0685`. To our knowledge, the vulnerable commits of the REST API are not running in production anywhere. This vulnerability is fixed in 23415c17ffb4832667c06abcf1eadadefd4c8937."
    },
    {
      "lang": "es",
      "value": "CreateWiki es la extensi\u00f3n MediaWiki de Miraheze para solicitar y crear wikis. Es posible que los usuarios con (delete) o (suppressrevision) en cualquier wiki de la granja accedan a solicitudes de wiki suprimidas yendo a la entrada de la solicitud en Special:RequestWikiQueue en el wiki donde tienen estos derechos. La misma vulnerabilidad estuvo presente brevemente en la API REST antes de ser corregida r\u00e1pidamente en el commit `6bc0685`. Hasta donde sabemos, las confirmaciones vulnerables de la API REST no se est\u00e1n ejecutando en producci\u00f3n en ning\u00fan lugar. Esta vulnerabilidad se soluciona en 23415c17ffb4832667c06abcf1eadaefd4c8937."
    }
  ],
  "id": "CVE-2024-29897",
  "lastModified": "2024-11-21T09:08:34.397",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-03-28T14:15:14.557",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/miraheze/CreateWiki/security/advisories/GHSA-4rcf-3cj2-46mq"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/miraheze/mw-config/commit/fb3e68bcef459e9cf2a415241b28042a6c9727e8"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://issue-tracker.miraheze.org/F3093343"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://issue-tracker.miraheze.org/T11999"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/miraheze/CreateWiki/security/advisories/GHSA-4rcf-3cj2-46mq"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/miraheze/mw-config/commit/fb3e68bcef459e9cf2a415241b28042a6c9727e8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issue-tracker.miraheze.org/F3093343"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issue-tracker.miraheze.org/T11999"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.