CVE-2009-4898

Cross-site request forgery (CSRF) vulnerability in TWiki before 4.3.2 allows remote attackers to hijack the authentication of arbitrary users for requests that update pages, as demonstrated by a URL for a save script in the ACTION attribute of a FORM element, in conjunction with a call to the submit method in the onload attribute of a BODY element. NOTE: this issue exists because of an insufficient fix for CVE-2009-1339.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://twiki.org/cgi-bin/view/Codev/SecurityAuditTokenBasedCsrfFix
http://www.openwall.com/lists/oss-security/2010/08/02/17
http://www.openwall.com/lists/oss-security/2010/08/03/8
http://twiki.org/cgi-bin/view/Codev/SecurityAuditTokenBasedCsrfFix
http://www.openwall.com/lists/oss-security/2010/08/02/17
http://www.openwall.com/lists/oss-security/2010/08/03/8

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:twiki:twiki::::::::
	cpe:2.3:a:twiki:twiki:4.0.0:::::::*
	cpe:2.3:a:twiki:twiki:4.0.1:::::::*
	cpe:2.3:a:twiki:twiki:4.0.2:::::::*
	cpe:2.3:a:twiki:twiki:4.0.3:::::::*
	cpe:2.3:a:twiki:twiki:4.0.4:::::::*
	cpe:2.3:a:twiki:twiki:4.0.5:::::::*
	cpe:2.3:a:twiki:twiki:4.1.0:::::::*
	cpe:2.3:a:twiki:twiki:4.1.1:::::::*
	cpe:2.3:a:twiki:twiki:4.1.2:::::::*
	cpe:2.3:a:twiki:twiki:4.2.0:::::::*
	cpe:2.3:a:twiki:twiki:4.2.1:::::::*
	cpe:2.3:a:twiki:twiki:4.2.2:::::::*
	cpe:2.3:a:twiki:twiki:4.2.3:::::::*
	cpe:2.3:a:twiki:twiki:4.2.4:::::::*
	cpe:2.3:a:twiki:twiki:4.3.0:::::::*

History

21 Nov 2024, 01:10

Type	Values Removed	Values Added
References	~~() http://twiki.org/cgi-bin/view/Codev/SecurityAuditTokenBasedCsrfFix -~~	() http://twiki.org/cgi-bin/view/Codev/SecurityAuditTokenBasedCsrfFix -
References	~~() http://www.openwall.com/lists/oss-security/2010/08/02/17 -~~	() http://www.openwall.com/lists/oss-security/2010/08/02/17 -
References	~~() http://www.openwall.com/lists/oss-security/2010/08/03/8 -~~	() http://www.openwall.com/lists/oss-security/2010/08/03/8 -

Information

Published : 2010-09-07 17:00

Updated : 2024-11-21 01:10

NVD link : CVE-2009-4898

Mitre link : CVE-2009-4898

CVE.ORG link : CVE-2009-4898

JSON object : View

Products Affected

twiki

twiki

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2009-4898", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-09-07T17:00:01.747", "references": [{"url": "http://twiki.org/cgi-bin/view/Codev/SecurityAuditTokenBasedCsrfFix", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2010/08/02/17", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2010/08/03/8", "source": "secalert@redhat.com"}, {"url": "http://twiki.org/cgi-bin/view/Codev/SecurityAuditTokenBasedCsrfFix", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2010/08/02/17", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2010/08/03/8", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in TWiki before 4.3.2 allows remote attackers to hijack the authentication of arbitrary users for requests that update pages, as demonstrated by a URL for a save script in the ACTION attribute of a FORM element, in conjunction with a call to the submit method in the onload attribute of a BODY element. NOTE: this issue exists because of an insufficient fix for CVE-2009-1339."}, {"lang": "es", "value": "Una vulnerabilidad de Falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en TWiki antes de v4.3.2 permite a atacantes remotos secuestrar la autenticaci\u00f3n de cualquier usuario que soliciten actualizar una p\u00e1gina, como lo demuestra una direcci\u00f3n URL para guardar un script en el atributo ACTION de un elemento FORM, junto con una llamada al m\u00e9todo submit en el atributo onload de un elemento BODY. NOTA: este problema existe debido a una resoluci\u00f3n incompleta al CVE-2009-1339."}], "lastModified": "2024-11-21T01:10:43.710", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:twiki:twiki:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C548C1F-E9DE-448C-ABA6-A8C8B5B77234", "versionEndIncluding": "4.3.1"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F893E121-82FA-41C8-9BA4-606E6DA01408"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47807C3A-8430-48E3-A7C8-C5A1FEDF84C0"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "620356EA-F106-41DF-AADA-C1EF5A5A0829"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "979D8BC8-0032-496F-9503-F3BBBC8FA7CF"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0804FF93-6554-4F56-9974-017198ED5F44"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41445C95-0309-4B90-B725-87D2FE87C9A5"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9996E5B-36AD-407F-B3B6-839CE8E5913E"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "748325A4-A237-498A-A185-905FC921D2A3"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FE3EEC6-7E05-4A37-97AA-D73E7D7A0E01"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "855671F5-C215-4382-B512-4ABD9D66F13D"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9C00515-CFEE-427A-BACE-B3140B0D6C67"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9CF4F9B-7ADF-47A2-A556-10CCF7401DA9"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81DDB420-E707-4319-8395-531FC0D84E5B"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D7A5A57-AE7D-4D3E-A280-41676F355AEE"}, {"criteria": "cpe:2.3:a:twiki:twiki:4.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "710F8276-1147-4EAD-9C34-5F2FEE636F8D"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}

6.8 /10