4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
56.0%
Updated mediawiki packages fix security vulnerability: Login CSRF issue in MediaWiki before 1.22.5 in Special:ChangePassword, whereby a user can be logged into an attackers account without being aware of it, allowing the attacker to track the userβs activity (CVE-2014-2665). MediaWiki has been updated to version 1.22.5, fixing this and other issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 3 | noarch | mediawiki | <Β 1.22.5-1 | mediawiki-1.22.5-1.mga3 |
Mageia | 4 | noarch | mediawiki | <Β 1.22.5-1 | mediawiki-1.22.5-1.mga4 |