[Japanese]

JVNDB-2022-000014

Multiple vulnerabilities in a-blog cms

Overview

a-blog cms provided by appleple inc. contains multiple vulnerabilities listed below.
* Cross-site scripting (CWE-79) - CVE-2022-24374
* Cross-site scripting (CWE-79) - CVE-2022-23916
* Template injection (CWE-1336) - CVE-2022-23810
* Authentication bypass (CWE-291) - CVE-2022-21142

CVE-2022-24374
iwama yuu of Secure Sky Technology Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2022-23916
Masashi Yamane of LAC Co., Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2022-23810, CVE-2022-21142
hibiki moriyama of STNet, Incorporated reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 5.6 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: Low
CVSS V2 Severity:
Base Metrics 6.8 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
The above CVSS base scores have been assigned for CVE-2022-21142

CVSS V3 Severity:
Base Metrics 5.4 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics 3.5 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2022-24374

CVSS V3 Severity:
Base Metrics 5.4 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: Required
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics 3.5 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: Single
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2022-23916

CVSS V3 Severity:
Base Metrics 5.0 (Medium) [IPA Score]
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Changed
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None
CVSS V2 Severity:
Base Metrics 4.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: Single
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base scores have been assigned for CVE-2022-23810
Affected Products


appleple inc.
  • a-blog cms Ver.3.0.x series versions prior to Ver.3.0.1 (CVE-2022-24374, CVE-2022-23916, CVE-2022-23810)
  • a-blog cms Ver.2.11.x series versions prior to Ver.2.11.42 (CVE-2022-24374, CVE-2022-23916, CVE-2022-23810)
  • a-blog cms Ver.2.11.x series versions prior to Ver.2.11.41 (CVE-2022-21142)
  • a-blog cms Ver.2.10.x series versions prior to Ver.2.10.44 (CVE-2022-24374, CVE-2022-23916, CVE-2022-23810)
  • a-blog cms Ver.2.10.x series versions prior to Ver.2.10.43 (CVE-2022-21142)
  • a-blog cms Ver.2.9.x series versions prior to Ver.2.9.40 (CVE-2022-24374, CVE-2022-23916, CVE-2022-23810)
  • a-blog cms Ver.2.9.x series versions prior to Ver.2.9.39 (CVE-2022-21142)
  • a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75 (CVE-2022-24374, CVE-2022-23916, CVE-2022-23810)
  • a-blog cms Ver.2.8.x series versions prior to Ver.2.8.74 (CVE-2022-21142)

Impact

* An arbitrary script may be executed on the web browser of a logged-in user - CVE-2022-24374
* An arbitrary script may be executed on the web browser of a software administrative user - CVE-2022-23916
* A remote attacker may obtain arbitrary files on the server - CVE-2022-23810
* A remote attacker may bypass authentication under the specific conditions - CVE-2022-21142
Solution

[Update the software]
Update the software to the latest version according to the information provided by the developer.
Vendor Information

appleple inc.
CWE (What is CWE?)

  1. Improper Authentication(CWE-287) [IPA Evaluation]
  2. Cross-site Scripting(CWE-79) [IPA Evaluation]
  3. Code Injection(CWE-94) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2022-24374
  2. CVE-2022-23916
  3. CVE-2022-23810
  4. CVE-2022-21142
References

  1. JVN : JVN#14706307
Revision History

  • [2022/02/18]
      Web page was published

Date Public2022/02/18
Date First Published2022/02/18
Date Last Updated2022/02/18