Headline
CVE-2022-23810: Multiple vulnerabilities in a-blog cms
Template injection (Improper Neutralization of Special Elements Used in a Template Engine) vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to Ver.3.0.1 allows a remote authenticated attacker to obtain an arbitrary file on the server via unspecified vectors.
Published: 2022/02/18 Last Updated: 2022/02/18
Overview
a-blog cms contains multiple vulnerabilities.
Products Affected
CVE-2022-24374, CVE-2022-23916, CVE-2022-23810
- a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75
- a-blog cms Ver.2.9.x series versions prior to Ver.2.9.40
- a-blog cms Ver.2.10.x series versions prior to Ver.2.10.44
- a-blog cms Ver.2.11.x series versions prior to Ver.2.11.42
- a-blog cms Ver.3.0.x series versions prior to Ver.3.0.1
CVE-2022-21142
- a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74
- a-blog cms Ver.2.9.x series versions prior to Ver.2.9.39
- a-blog cms Ver.2.10.x series versions prior to Ver.2.10.43
- a-blog cms Ver.2.11.x series versions prior to Ver.2.11.41
Description
a-blog cms provided by appleple inc. contains multiple vulnerabilities listed below.
Cross-site scripting (CWE-79) - CVE-2022-24374
CVSS v3
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Base Score: 5.4
CVSS v2
AV:N/AC:M/Au:S/C:N/I:P/A:N
Base Score: 3.5
Cross-site scripting (CWE-79) - CVE-2022-23916
CVSS v3
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Base Score: 5.4
CVSS v2
AV:N/AC:M/Au:S/C:N/I:P/A:N
Base Score: 3.5
Template injection (CWE-1336) - CVE-2022-23810
CVSS v3
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Base Score: 5.0
CVSS v2
AV:N/AC:L/Au:S/C:P/I:N/A:N
Base Score: 4.0
Authentication bypass (CWE-291) - CVE-2022-21142
CVSS v3
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Base Score: 5.6
CVSS v2
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score: 6.8
Impact
- An arbitrary script may be executed on the web browser of a logged-in user - CVE-2022-24374
- An arbitrary script may be executed on the web browser of a software administrative user - CVE-2022-23916
- A remote attacker may obtain arbitrary files on the server - CVE-2022-23810
- A remote attacker may bypass authentication under specific conditions - CVE-2022-21142
Solution
Update the software
Update the software to the latest version according to the information provided by the developer.
Vendor Status
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
CVE-2022-24374
iwama yuu of Secure Sky Technology Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVE-2022-23916
Masashi Yamane of LAC Co., Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVE-2022-23810, CVE-2022-21142
hibiki moriyama of STNet, Incorporated reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information