Vulnerability Name:
CVE-2007-6013 (CCN-38578)
Assigned:
2007-11-19
Published:
2007-11-19
Updated:
2018-10-15
Summary:
WordPress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database and then generating the authentication cookie from that hash.
CVSS v3 Severity:
2.6 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
High
Privileges Required (PR):
Low
User Interaction (UI):
Required
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
None
Integrity (I):
Low
Availability (A):
None
CVSS v2 Severity:
6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Medium
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availability (A):
Partial
3.5 Low (CCN CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N)
2.6 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Medium
Authentication (Au):
Single_Instance
Impact Metrics:
Confidentiality (C):
None
Integrity (I):
Partial
Availability (A):
None
Vulnerability Type:
CWE-287
Vulnerability Consequences:
Bypass Security
References:
Source: CCN
Type: Full-Disclosure Mailing List, Mon Nov 19 2007 - 12:46:37 CST
Wordpress Cookie Authentication Vulnerability
Source: CCN
Type: Full-Disclosure Mailing List, Tue Nov 20 2007 - 12:51:26 CST
Wordpress 0day: Hacking into computers now easier than previously believed - Heise Security
Source: MITRE
Type: CNA
CVE-2007-6013
Source: FULLDISC
Type: UNKNOWN
20071119 Wordpress Cookie Authentication Vulnerability
Source: OSVDB
Type: UNKNOWN
40801
Source: CCN
Type: SA27714
WordPress Cookies Security Bypass Weakness
Source: SECUNIA
Type: Vendor Advisory
27714
Source: SECUNIA
Type: Vendor Advisory
28310
Source: SREASON
Type: UNKNOWN
3375
Source: CCN
Type: SECTRACK ID: 1018980
WordPress Cookie Authentication Flaw Lets Remote Users Access Accounts in Certain Cases
Source: CCN
Type: Wordpress trac Ticket #5367
Wordpress cookie authentication vulnerability
Source: CONFIRM
Type: UNKNOWN
http://trac.wordpress.org/ticket/5367
Source: MISC
Type: UNKNOWN
http://www.cl.cam.ac.uk/~sjm217/advisories/wordpress-cookie-auth.txt
Source: CCN
Type: OSVDB ID: 40801
WordPress Cookie MD5 Hash Authentication Bypass
Source: CCN
Type: OSVDB ID: 44622
WordPress Crafted Cookie Authentication Bypass
Source: BUGTRAQ
Type: UNKNOWN
20071119 Wordpress Cookie Authentication Vulnerability
Source: SECTRACK
Type: UNKNOWN
1018980
Source: VUPEN
Type: Vendor Advisory
ADV-2007-3941
Source: XF
Type: UNKNOWN
wordpress-password-weak-security(38578)
Source: FEDORA
Type: UNKNOWN
FEDORA-2008-0103
Source: FEDORA
Type: UNKNOWN
FEDORA-2008-0126
Vulnerable Configuration:
Configuration 1:
cpe:/a:wordpress:wordpress:1.5:*:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:1.5-strayhorn:*:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.0:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.0.1:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.0.5:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.0.6:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.0.7:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.0.8:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.0.9:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.0.10:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.0.11:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.1:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.1.1:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.1.3:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.2:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.2.1:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.3:-:*:*:*:*:*:*
OR
cpe:/a:wordpress:wordpress:2.3.1:-:*:*:*:*:*:*
Vendor / Product
wordpress / wordpress 1.5
wordpress / wordpress 1.5-strayhorn
wordpress / wordpress 1.5.1
wordpress / wordpress 1.5.1.1
wordpress / wordpress 1.5.1.2
wordpress / wordpress 1.5.1.3
wordpress / wordpress 1.5.2
wordpress / wordpress 2.0
wordpress / wordpress 2.0.1
wordpress / wordpress 2.0.4
wordpress / wordpress 2.0.5
wordpress / wordpress 2.0.6
wordpress / wordpress 2.0.7
wordpress / wordpress 2.0.8
wordpress / wordpress 2.0.9
wordpress / wordpress 2.0.10
wordpress / wordpress 2.0.11
wordpress / wordpress 2.1
wordpress / wordpress 2.1.1
wordpress / wordpress 2.1.2
wordpress / wordpress 2.1.3
wordpress / wordpress 2.2
wordpress / wordpress 2.2.1
wordpress / wordpress 2.2.2
wordpress / wordpress 2.2.3
wordpress / wordpress 2.3
wordpress / wordpress 2.3.1