Vulnerability Name:

CVE-2009-2762 (CCN-52382)

Assigned:2009-08-10
Published:2009-08-10
Updated:2017-11-22
Summary:wp-login.php in WordPress 2.8.3 and earlier allows remote attackers to force a password reset for the first user in the database, possibly the administrator, via a key[] array variable in a resetpass (aka rp) action, which bypasses a check that assumes that $key is not an array.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
6.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
4.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-255
Vulnerability Consequences:Bypass Security
References:Source: FULLDISC
Type: Broken Link
20090810 WordPress <= 2.8.3 Remote admin reset password

Source: MISC
Type: Vendor Advisory
http://core.trac.wordpress.org/changeset/11798

Source: MITRE
Type: CNA
CVE-2009-2762

Source: CCN
Type: SA36237
WordPress Password Reset Weakness

Source: SECUNIA
Type: Third Party Advisory
36237

Source: CCN
Type: SECTRACK ID: 1022707
WordPress Input Validation Bug Lets Remote Users Reset the Administrative Password

Source: CCN
Type: WordPress Web site
WordPress

Source: CCN
Type: WordPress Blog, August 12, 2009
WordPress 2.8.4 Security Release

Source: CONFIRM
Type: Patch, Vendor Advisory
http://wordpress.org/development/2009/08/2-8-4-security-release/

Source: EXPLOIT-DB
Type: Exploit, Third Party Advisory
9410

Source: CCN
Type: OSVDB ID: 56971
WordPress wp-login.php key Parameter Remote Administrator Password Reset

Source: BID
Type: Third Party Advisory, VDB Entry
36014

Source: CCN
Type: BID-36014
WordPress 'wp-login.php' Admin Password Reset Security Bypass Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1022707

Source: XF
Type: Third Party Advisory, VDB Entry
wordpress-wplogin-security-bypass(52382)

Source: XF
Type: UNKNOWN
wordpress-wplogin-security-bypass(52382)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:wordpress:wordpress:*:*:*:*:*:*:*:* (Version <= 2.8.3)

    • Configuration CCN 1:
  • cpe:/a:wordpress:wordpress:0.7:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.2:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0.3:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0.5:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0.6:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.1.1:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.1.3:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.2:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.2.1:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.3:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0.9:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0.11:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.3.2:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.3.1:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0.10:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0.7:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.1.3:rc2:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.1.3:rc1:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.1:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.5:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:0.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:0.6.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:0.71:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.0:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.5:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0.10:rc1:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0.10:rc2:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.0.8:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:0.711:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.4:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.6:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.6:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.6.1:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.5::strayhorn:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:0.71::gold:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.0.1::miles:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.0.2::blakey:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.0::platinum:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.2::mingus:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.2:beta:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:0.72:rc1:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:0.72:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.1:alpha_3:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:0.72:beta1:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:0.72:beta2:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.3.1:rc1:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.6.5:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.3:rc1:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.3:beta3:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.0:rc4:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.8.1:-:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.8.2:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.8.3:*:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.2::revision5002:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:1.2:delta:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.2::revision5003:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.8.1:rc1:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.8.1:beta1:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.8:beta1:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.8.1:beta2:*:*:*:*:*:*
  • OR cpe:/a:wordpress:wordpress:2.8.1:jazzes_themes_and_widgets:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:fedora:10:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    wordpress wordpress *
    wordpress wordpress 0.7
    wordpress wordpress 1.2
    wordpress wordpress 1.2.1
    wordpress wordpress 1.5.1.2
    wordpress wordpress 1.5.1.3
    wordpress wordpress 1.5.2
    wordpress wordpress 2.0.1
    wordpress wordpress 2.0.2
    wordpress wordpress 2.0.3
    wordpress wordpress 2.0.5
    wordpress wordpress 2.0.6
    wordpress wordpress 2.1.1
    wordpress wordpress 2.1.2
    wordpress wordpress 2.1.3
    wordpress wordpress 2.2
    wordpress wordpress 2.2.1
    wordpress wordpress 2.3
    wordpress wordpress 2.0.9
    wordpress wordpress 2.0.11
    wordpress wordpress 2.3.2
    wordpress wordpress 2.3.3
    wordpress wordpress 2.3.1
    wordpress wordpress 2.2.3
    wordpress wordpress 2.2.2
    wordpress wordpress 2.0.10
    wordpress wordpress 2.0.7
    wordpress wordpress 2.0.4
    wordpress wordpress 2.0
    wordpress wordpress 2.1.3 rc2
    wordpress wordpress 2.1.3 rc1
    wordpress wordpress 2.1
    wordpress wordpress 2.5
    wordpress wordpress 0.6.2
    wordpress wordpress 0.6.2.1
    wordpress wordpress 0.71
    wordpress wordpress 1.0
    wordpress wordpress 1.0.1
    wordpress wordpress 1.0.2
    wordpress wordpress 1.2.2
    wordpress wordpress 1.3.1
    wordpress wordpress 1.5
    wordpress wordpress 1.5.1
    wordpress wordpress 1.5.1.1
    wordpress wordpress 2.0.10 rc1
    wordpress wordpress 2.0.10 rc2
    wordpress wordpress 2.0.8
    wordpress wordpress 0.711
    wordpress wordpress 1.4
    wordpress wordpress 1.6
    wordpress wordpress 2.5.1
    wordpress wordpress 2.6
    wordpress wordpress 2.6.1
    wordpress wordpress 1.5
    wordpress wordpress 0.71
    wordpress wordpress 1.0.1
    wordpress wordpress 1.0.2
    wordpress wordpress 1.0
    wordpress wordpress 1.2
    wordpress wordpress 2.2.0
    wordpress wordpress 1.2 beta
    wordpress wordpress 0.72 rc1
    wordpress wordpress 0.72
    wordpress wordpress 2.1 alpha_3
    wordpress wordpress 0.72 beta1
    wordpress wordpress 0.72 beta2
    wordpress wordpress 2.3.1 rc1
    wordpress wordpress 2.6.5
    wordpress wordpress 2.7.1
    wordpress wordpress 2.3 rc1
    wordpress wordpress 2.3 beta3
    wordpress wordpress 1.0 rc4
    wordpress wordpress 1.0 rc3
    wordpress wordpress 1.0 rc2
    wordpress wordpress 1.0 rc1
    wordpress wordpress 2.6.3
    wordpress wordpress 2.8.1
    wordpress wordpress 2.8.2
    wordpress wordpress 2.8.3
    wordpress wordpress 2.2
    wordpress wordpress 1.2 delta
    wordpress wordpress 2.2
    wordpress wordpress 2.8.1 rc1
    wordpress wordpress 2.8.1 beta1
    wordpress wordpress 2.8 beta1
    wordpress wordpress 2.8.1 beta2
    wordpress wordpress 2.8.1 jazzes_themes_and_widgets
    redhat fedora 10