CVE-2022-3590

2022-12-1409:15:09

Debian Security Bug Tracker

security-tracker.debian.org

wordpress

ssrf

toctou

race condition

security vulnerability

pingback

http request

validation

unauthenticated

internal hosts

forbidden

cve-2022-3590

unix

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

50.7%

JSON

WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden.

OSVersionArchitecturePackageVersionFilename
Debian12allwordpress<= 6.1.6+dfsg1-0+deb12u1wordpress_6.1.6+dfsg1-0+deb12u1_all.deb
Debian11allwordpress<= 5.7.11+dfsg1-0+deb11u1wordpress_5.7.11+dfsg1-0+deb11u1_all.deb
Debian999allwordpress<= 6.6.1+dfsg1-1wordpress_6.6.1+dfsg1-1_all.deb
Debian13allwordpress<= 6.6.1+dfsg1-1wordpress_6.6.1+dfsg1-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	wordpress	<= 6.1.6+dfsg1-0+deb12u1	wordpress_6.1.6+dfsg1-0+deb12u1_all.deb
Debian	11	all	wordpress	<= 5.7.11+dfsg1-0+deb11u1	wordpress_5.7.11+dfsg1-0+deb11u1_all.deb
Debian	999	all	wordpress	<= 6.6.1+dfsg1-1	wordpress_6.6.1+dfsg1-1_all.deb
Debian	13	all	wordpress	<= 6.6.1+dfsg1-1	wordpress_6.6.1+dfsg1-1_all.deb