Vulnerability Name: CVE-2018-15474 (CCN-149482)
Assigned: 2018-09-06
Published: 2018-09-06
Updated: 2020-08-24
Summary: ** DISPUTED ** CSV Injection (aka Excel Macro Injection or Formula Injection) in /lib/plugins/usermanager/admin.php in DokuWiki 2018-04-22a and earlier allows remote attackers to exfiltrate sensitive data and to execute arbitrary code via a value that is mishandled in a CSV export. Note: the vendor has stated "this is not a security problem in DokuWiki."
CVSS v3 Severity:
  9.6 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
  8.4 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:U/RC:R)
  8.6 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
CVSS v2 Severity: 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Vulnerability Type: CWE-1236
Vulnerability Consequences: Gain Access
References:
  Source: MITRE Type: CNA CVE-2018-15474
  Source: XF Type: UNKNOWN dokuwiki-cve201815474-code-exec(149482)
  Source: CONFIRM Type: Exploit, Issue Tracking, Third Party Advisory https://github.com/splitbrain/dokuwiki/issues/2450
  Source: CCN Type: Packet Storm Security [09-06-2018] DokuWiki 2018-04-22a Greebo Arbitrary Code Execution
  Source: CCN Type: Full-Disclosure Mailing List, Thu, 6 Sep 2018 15:26:31 +0200 SEC Consult SA-20180906-0 :: CSV Formula Injection in DokuWiki
  Source: FULLDISC Type: Exploit, Mailing List, Third Party Advisory 20180906 SEC Consult SA-20180906-0 :: CSV Formula Injection in DokuWiki
  Source: CCN Type: DokuWiki Web site DokuWiki
  Source: MISC Type: UNKNOWN https://www.patreon.com/posts/unfixed-security-21250652
  Source: MISC Type: Exploit, Third Party Advisory https://www.sec-consult.com/en/blog/advisories/dokuwiki-csv-formula-injection-vulnerability/
Vulnerable Configuration: Configuration 1: Denotes that component is vulnerable