Merge pull request #9094 from projectdiscovery/wp-user-enum
Update and rename CVE-2017-5487.yaml to wp-user-enum.yamlpatch-1
commit
c1ce561eb0
|
@ -1,28 +1,19 @@
|
|||
id: CVE-2017-5487
|
||||
id: wp-user-enum
|
||||
|
||||
info:
|
||||
name: WordPress Core <4.7.1 - Username Enumeration
|
||||
name: WordPress REST API User Enumeration
|
||||
author: Manas_Harsh,daffainfo,geeknik,dr0pd34d
|
||||
severity: medium
|
||||
description: WordPress Core before 4.7.1 is susceptible to user enumeration because it does not properly restrict listings of post authors via wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API, which allows a remote attacker to obtain sensitive information via a wp-json/wp/v2/users request.
|
||||
severity: low
|
||||
description: |
|
||||
The REST API exposed user data for all users who had authored a post of a public post type. WordPress 4.7.1 limits this to only post types which have specified that they should be shown within the REST API.
|
||||
impact: |
|
||||
An attacker can easily determine valid usernames, which can lead to targeted attacks such as brute force attacks or social engineering.
|
||||
remediation: |
|
||||
Update WordPress to version 4.7.1 or later
|
||||
Install a WordPress plugin such as Stop User Enumeration. Stop User Enumeration is a security plugin designed to detect and prevent hackers scanning your site for user names.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/41497
|
||||
- https://www.wordfence.com/blog/2016/12/wordfence-blocks-username-harvesting-via-new-rest-api-wp-4-7/
|
||||
- https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2017-5487
|
||||
- http://www.openwall.com/lists/oss-security/2017/01/14/6
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
||||
cvss-score: 5.3
|
||||
cve-id: CVE-2017-5487
|
||||
cwe-id: CWE-200
|
||||
epss-score: 0.97179
|
||||
epss-percentile: 0.99776
|
||||
cpe: cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
|
||||
- https://www.acunetix.com/vulnerabilities/web/wordpress-rest-api-user-enumeration/
|
||||
- https://wordpress.org/plugins/stop-user-enumeration/
|
||||
- https://www.afteractive.com/wordpress-user-enumeration-vulnerability/
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 2
|
||||
|
@ -65,4 +56,4 @@ http:
|
|||
- '.[] | .slug'
|
||||
- '.[].name'
|
||||
part: body
|
||||
# digest: 4a0a0047304502205e1134c2f58050dd5aebdef51803d8813f61ca8d8829dfe95707d4270381d580022100ebb5318b886379bac4eac7f14a4342442b7a8391fbf831e5f92753698951ba5e:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502205e1134c2f58050dd5aebdef51803d8813f61ca8d8829dfe95707d4270381d580022100ebb5318b886379bac4eac7f14a4342442b7a8391fbf831e5f92753698951ba5e:922c64590222798bb761d5b6d8e72950
|
Loading…
Reference in New Issue