| Vulnerability Name: | CVE-2021-42049 (CCN-211005) | ||||||||||||
| Assigned: | 2021-10-04 | ||||||||||||
| Published: | 2021-10-04 | ||||||||||||
| Updated: | 2022-09-30 | ||||||||||||
| Summary: | An issue was discovered in the Translate extension in MediaWiki through 1.36.2. Oversighters cannot undo revisions or oversight on pages where they suppressed information (such as PII). This allows oversighters to whitewash revisions. | ||||||||||||
| CVSS v3 Severity: | 6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) 5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
3.8 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
| ||||||||||||
| Vulnerability Type: | CWE-noinfo | ||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2021-42049 Source: XF Type: UNKNOWN mediawiki-cve202142049-dos(211005) Source: CCN Type: Wikimedia Web page Allow revdel-related actions in translatable pages Source: MISC Type: Patch, Vendor Advisory https://gerrit.wikimedia.org/r/q/I4d95220ef414337147235f7ebedc9b945c3348e3 Source: MISC Type: Permissions Required, Vendor Advisory https://phabricator.wikimedia.org/T286884 Source: CCN Type: Mend Vulnerability Database CVE-2021-42049 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||