Merge pull request #9094 from projectdiscovery/wp-user-enum
Update and rename CVE-2017-5487.yaml to wp-user-enum.yamlpatch-1
commit
c1ce561eb0
|
@ -1,28 +1,19 @@
|
||||||
id: CVE-2017-5487
|
id: wp-user-enum
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: WordPress Core <4.7.1 - Username Enumeration
|
name: WordPress REST API User Enumeration
|
||||||
author: Manas_Harsh,daffainfo,geeknik,dr0pd34d
|
author: Manas_Harsh,daffainfo,geeknik,dr0pd34d
|
||||||
severity: medium
|
severity: low
|
||||||
description: WordPress Core before 4.7.1 is susceptible to user enumeration because it does not properly restrict listings of post authors via wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API, which allows a remote attacker to obtain sensitive information via a wp-json/wp/v2/users request.
|
description: |
|
||||||
|
The REST API exposed user data for all users who had authored a post of a public post type. WordPress 4.7.1 limits this to only post types which have specified that they should be shown within the REST API.
|
||||||
impact: |
|
impact: |
|
||||||
An attacker can easily determine valid usernames, which can lead to targeted attacks such as brute force attacks or social engineering.
|
An attacker can easily determine valid usernames, which can lead to targeted attacks such as brute force attacks or social engineering.
|
||||||
remediation: |
|
remediation: |
|
||||||
Update WordPress to version 4.7.1 or later
|
Install a WordPress plugin such as Stop User Enumeration. Stop User Enumeration is a security plugin designed to detect and prevent hackers scanning your site for user names.
|
||||||
reference:
|
reference:
|
||||||
- https://www.exploit-db.com/exploits/41497
|
- https://www.acunetix.com/vulnerabilities/web/wordpress-rest-api-user-enumeration/
|
||||||
- https://www.wordfence.com/blog/2016/12/wordfence-blocks-username-harvesting-via-new-rest-api-wp-4-7/
|
- https://wordpress.org/plugins/stop-user-enumeration/
|
||||||
- https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
|
- https://www.afteractive.com/wordpress-user-enumeration-vulnerability/
|
||||||
- https://nvd.nist.gov/vuln/detail/CVE-2017-5487
|
|
||||||
- http://www.openwall.com/lists/oss-security/2017/01/14/6
|
|
||||||
classification:
|
|
||||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
|
||||||
cvss-score: 5.3
|
|
||||||
cve-id: CVE-2017-5487
|
|
||||||
cwe-id: CWE-200
|
|
||||||
epss-score: 0.97179
|
|
||||||
epss-percentile: 0.99776
|
|
||||||
cpe: cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
|
|
||||||
metadata:
|
metadata:
|
||||||
verified: true
|
verified: true
|
||||||
max-request: 2
|
max-request: 2
|
||||||
|
@ -65,4 +56,4 @@ http:
|
||||||
- '.[] | .slug'
|
- '.[] | .slug'
|
||||||
- '.[].name'
|
- '.[].name'
|
||||||
part: body
|
part: body
|
||||||
# digest: 4a0a0047304502205e1134c2f58050dd5aebdef51803d8813f61ca8d8829dfe95707d4270381d580022100ebb5318b886379bac4eac7f14a4342442b7a8391fbf831e5f92753698951ba5e:922c64590222798bb761d5b6d8e72950
|
# digest: 4a0a0047304502205e1134c2f58050dd5aebdef51803d8813f61ca8d8829dfe95707d4270381d580022100ebb5318b886379bac4eac7f14a4342442b7a8391fbf831e5f92753698951ba5e:922c64590222798bb761d5b6d8e72950
|
Loading…
Reference in New Issue