Update and rename CVE-2017-5487.yaml to wp-user-enum.yaml

2024-02-04 23:42:11 +05:30 · 2024-02-04 23:42:11 +05:30 · 713e145235
parent 10b70ccc83
commit 713e145235
1 changed files with 10 additions and 19 deletions
--- a/http/vulnerabilities/wordpress/wp-user-enum.yaml
+++ b/http/vulnerabilities/wordpress/wp-user-enum.yaml
@ -1,28 +1,19 @@
-id: CVE-2017-5487
+id: wp-user-enum

 info:
-  name: WordPress Core <4.7.1 - Username Enumeration
+  name: WordPress REST API User Enumeration
  author: Manas_Harsh,daffainfo,geeknik,dr0pd34d
-  severity: medium
-  description: WordPress Core before 4.7.1 is susceptible to user enumeration because it does not properly restrict listings of post authors via wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API, which allows a remote attacker to obtain sensitive information via a wp-json/wp/v2/users request.
+  severity: low
+  description: |
+    The REST API exposed user data for all users who had authored a post of a public post type. WordPress 4.7.1 limits this to only post types which have specified that they should be shown within the REST API.
  impact: |
    An attacker can easily determine valid usernames, which can lead to targeted attacks such as brute force attacks or social engineering.
  remediation: |
-    Update WordPress to version 4.7.1 or later
+    Install a WordPress plugin such as Stop User Enumeration. Stop User Enumeration is a security plugin designed to detect and prevent hackers scanning your site for user names.
  reference:
-    - https://www.exploit-db.com/exploits/41497
-    - https://www.wordfence.com/blog/2016/12/wordfence-blocks-username-harvesting-via-new-rest-api-wp-4-7/
-    - https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
-    - https://nvd.nist.gov/vuln/detail/CVE-2017-5487
-    - http://www.openwall.com/lists/oss-security/2017/01/14/6
-  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
-    cve-id: CVE-2017-5487
-    cwe-id: CWE-200
-    epss-score: 0.97179
-    epss-percentile: 0.99776
-    cpe: cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
+    - https://www.acunetix.com/vulnerabilities/web/wordpress-rest-api-user-enumeration/
+    - https://wordpress.org/plugins/stop-user-enumeration/
+    - https://www.afteractive.com/wordpress-user-enumeration-vulnerability/
  metadata:
    verified: true
    max-request: 2
@ -65,4 +56,4 @@ http:
          - '.[] | .slug'
          - '.[].name'
        part: body
-# digest: 4a0a0047304502205e1134c2f58050dd5aebdef51803d8813f61ca8d8829dfe95707d4270381d580022100ebb5318b886379bac4eac7f14a4342442b7a8391fbf831e5f92753698951ba5e:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a0047304502205e1134c2f58050dd5aebdef51803d8813f61ca8d8829dfe95707d4270381d580022100ebb5318b886379bac4eac7f14a4342442b7a8391fbf831e5f92753698951ba5e:922c64590222798bb761d5b6d8e72950