8.8

CVE-2015-8623

The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12 and 1.24.x before 1.24.5 does not perform token comparison in constant time before returning, which allows remote attackers to guess the edit token and bypass CSRF protection via a timing attack, a different vulnerability than CVE-2015-8624.

Data is provided by the National Vulnerability Database (NVD)
MediawikiMediawiki Version <= 1.23.11
MediawikiMediawiki Version1.24.0
MediawikiMediawiki Version1.24.1
MediawikiMediawiki Version1.24.2
MediawikiMediawiki Version1.24.3
MediawikiMediawiki Version1.24.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.13% 0.332
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

http://www.openwall.com/lists/oss-security/2015/12/21/8
Patch
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2015/12/23/7
Patch
Third Party Advisory
Mailing List
https://phabricator.wikimedia.org/T119309
Patch
Third Party Advisory