Lucene search
Copyright (C) 2022 Greenbone AGOPENVAS:1361412562310126142HistorySep 16, 2022 - 12:00 a.m.
MediaWiki 1.37.x - 1.38.x DoS Vulnerability - Linux
2022-09-1600:00:00
Copyright (C) 2022 Greenbone AG
plugins.openvas.org
6
mediawiki
vulnerability
dos
linux
deprecated
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
5.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.1%
MediaWiki is prone to a denial of service (DoS)
vulnerability.
This VT has been deprecated since the vulnerability is in an extension and not in MediaWiki itself.
# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.126142");
script_version("2023-11-03T16:10:08+0000");
script_tag(name:"last_modification", value:"2023-11-03 16:10:08 +0000 (Fri, 03 Nov 2023)");
script_tag(name:"creation_date", value:"2022-09-16 08:58:43 +0000 (Fri, 16 Sep 2022)");
script_tag(name:"cvss_base", value:"6.1");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:M/C:N/I:N/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2022-09-07 20:33:00 +0000 (Wed, 07 Sep 2022)");
script_cve_id("CVE-2022-39194");
script_tag(name:"qod_type", value:"remote_banner_unreliable");
script_tag(name:"solution_type", value:"WillNotFix");
script_name("MediaWiki 1.37.x - 1.38.x DoS Vulnerability - Linux");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2022 Greenbone AG");
script_family("Denial of Service");
script_tag(name:"summary", value:"MediaWiki is prone to a denial of service (DoS)
vulnerability.
This VT has been deprecated since the vulnerability is in an extension and not in MediaWiki itself.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"Growth's Community configuration makes it possible for rogue
admin to take down a site.");
script_tag(name:"affected", value:"MediaWiki version 1.37.x through 1.38.x.");
script_tag(name:"solution", value:"No known solution was made available for at least one year since the disclosure
of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.");
script_xref(name:"URL", value:"https://lists.wikimedia.org/hyperkitty/list/[email protected]/message/SJLXUZZUHQDSSSKIOXMMV7Y4YXPAXZXI");
script_tag(name:"deprecated", value:TRUE);
exit(0);
}
exit(66);
Related
osv
osv
BIT-mediawiki-2022-39194
2024-03-06 11:04:13
CVE-2022-39194
2022-09-02 05:15:07
prion
prion
Input validation
2022-09-02 05:15:00
cvelist
cvelist
CVE-2022-39194
2022-09-02 04:45:37
nvd
nvd
CVE-2022-39194
2022-09-02 05:15:07
cve
cve
CVE-2022-39194
2022-09-02 05:15:07
redhatcve
redhatcve
CVE-2022-39194
2022-09-07 09:30:49
openvas
openvas
MediaWiki 1.37.x - 1.38.x DoS Vulnerability - Windows
2022-09-16 00:00:00
4.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
5.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.1%
Related for OPENVAS:1361412562310126142