CVE-2018-1000506

Metronet Tag Manager version 1.2.7 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page /wp-admin/options-general.php?page=metronet-tag-manager that can result in allows anybody to do almost anything an admin can. This attack appear to be exploitable via Logged in user must follow a link. This vulnerability appears to have been fixed in 1.2.9.

CVSS v3 8.8 HIGH
CVSS v2.0 6.8 MEDIUM

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://advisories.dxw.com/advisories/csrf-metronet-tag-manager/	Exploit Third Party Advisory
https://advisories.dxw.com/advisories/csrf-metronet-tag-manager/	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:mediaron:metronet_tag_manager:1.2.7:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 03:40

Type	Values Removed	Values Added
References	~~() https://advisories.dxw.com/advisories/csrf-metronet-tag-manager/ - Exploit, Third Party Advisory~~	() https://advisories.dxw.com/advisories/csrf-metronet-tag-manager/ - Exploit, Third Party Advisory

Information

Published : 2018-06-26 16:29

Updated : 2024-11-21 03:40

NVD link : CVE-2018-1000506

Mitre link : CVE-2018-1000506

CVE.ORG link : CVE-2018-1000506

JSON object : View

Products Affected

mediaron

metronet_tag_manager

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2018-1000506", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2018-06-26T16:29:00.680", "references": [{"url": "https://advisories.dxw.com/advisories/csrf-metronet-tag-manager/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://advisories.dxw.com/advisories/csrf-metronet-tag-manager/", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "Metronet Tag Manager version 1.2.7 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page /wp-admin/options-general.php?page=metronet-tag-manager that can result in allows anybody to do almost anything an admin can. This attack appear to be exploitable via Logged in user must follow a link. This vulnerability appears to have been fixed in 1.2.9."}, {"lang": "es", "value": "Metronet Tag Manager 1.2.7 contiene una vulnerabilidad de Cross-Site Request Forgery (CSRF) en la p\u00e1gina Settings en /wp-admin/options-general.php?page=metronet-tag-manager que puede resultar en que cualquiera pueda hacer casi las mismas acciones que un administrador. El ataque parece ser explotable mediante un usuario con la sesi\u00f3n iniciada que abra un enlace. La vulnerabilidad parece haber sido solucionada en la versi\u00f3n 1.2.9."}], "lastModified": "2024-11-21T03:40:04.300", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mediaron:metronet_tag_manager:1.2.7:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "85208FC5-8A5E-43AA-8315-FE091E3B8663"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}