BIT-mediawiki-2020-10534

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/mediawiki/BIT-mediawiki-2020-10534.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-mediawiki-2020-10534
Aliases
Published
2024-03-06T11:14:09.778Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details

In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address is contained in two ranges, one of which is locally disabled.

References

Affected packages

Bitnami / mediawiki

Package

Name
mediawiki
Purl
pkg:bitnami/mediawiki

Severity

  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.34.0