Lucene search

K
redosRedosROS-20240927-07
HistorySep 27, 2024 - 12:00 a.m.

ROS-20240927-07

2024-09-2700:00:00
redos.red-soft.ru
1254
mediawiki
unlinkedwikibase
vulnerability
access control
escalation privileges
cross-site scripting
unix

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

AI Score

6.4

Confidence

High

A vulnerability in the WikibaseLexeme extension of the MediaWik hypertext implementation software tool
is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker,
acting remotely to escalate their privileges

Vulnerability of UnlinkedWikibase extension of a software tool for implementing hypertext environment MediaWiki is related to incorrectly neutralized access controls.
MediaWiki is related to improper input neutralization during web page creation. Exploitation
vulnerability could allow an attacker acting remotely to perform cross-site scripting attacks
(XSS)

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64kernel-lt< 6.1.94-1UNKNOWN

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

AI Score

6.4

Confidence

High