Lucene search
RedhatCVE-2013-4569HistoryDec 13, 2013 - 6:07 p.m.
CVE-2013-4569
2013-12-1318:07:54
CWE-200
redhat
web.nvd.nist.gov
28
cve-2013-4569
cleanchanges
mediawiki
security
remote attackers
sensitive information
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
7.1
Confidence
High
EPSS
0.004
Percentile
72.9%
The CleanChanges extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3, when “Group changes by page in recent changes and watchlist” is enabled, allows remote attackers to obtain sensitive information (revision-deleted IPs) via the Recent Changes page.
Affected configurations
Node
mediawikimediawikiMatch1.20
ORmediawikimediawikiMatch1.20.1
ORmediawikimediawikiMatch1.20.2
ORmediawikimediawikiMatch1.20.3
ORmediawikimediawikiMatch1.20.4
ORmediawikimediawikiMatch1.20.5
ORmediawikimediawikiMatch1.20.6
ORmediawikimediawikiMatch1.20.7
Node
mediawikimediawikiRange≤1.19.8
ORmediawikimediawikiMatch1.19
ORmediawikimediawikiMatch1.19beta_1
ORmediawikimediawikiMatch1.19beta_2
ORmediawikimediawikiMatch1.19.0
ORmediawikimediawikiMatch1.19.1
ORmediawikimediawikiMatch1.19.2
ORmediawikimediawikiMatch1.19.3
ORmediawikimediawikiMatch1.19.4
ORmediawikimediawikiMatch1.19.5
ORmediawikimediawikiMatch1.19.6
ORmediawikimediawikiMatch1.19.7
Node
mediawikimediawikiMatch1.21
ORmediawikimediawikiMatch1.21.1
ORmediawikimediawikiMatch1.21.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mediawiki | mediawiki | 1.20.2 | cpe:/a:mediawiki:mediawiki:1.20.2::: |
| mediawiki | mediawiki | 1.20.7 | cpe:/a:mediawiki:mediawiki:1.20.7::: |
| mediawiki | mediawiki | 1.20.6 | cpe:/a:mediawiki:mediawiki:1.20.6::: |
| mediawiki | mediawiki | 1.20.3 | cpe:/a:mediawiki:mediawiki:1.20.3::: |
| mediawiki | mediawiki | 1.20 | cpe:/a:mediawiki:mediawiki:1.20::: |
| mediawiki | mediawiki | 1.20.5 | cpe:/a:mediawiki:mediawiki:1.20.5::: |
| mediawiki | mediawiki | 1.20.4 | cpe:/a:mediawiki:mediawiki:1.20.4::: |
| mediawiki | mediawiki | 1.20.1 | cpe:/a:mediawiki:mediawiki:1.20.1::: |
Related
prion
prion
Design/Logic Flaw
2013-12-13 18:07:00
nvd
nvd
CVE-2013-4569
2013-12-13 18:07:54
cvelist
cvelist
CVE-2013-4569
2013-12-13 18:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: mediawiki-1.21.3-1.fc19
2013-12-02 09:35:57
[SECURITY] Fedora 20 Update: mediawiki-1.21.3-1.fc20
2013-12-14 03:35:07
[SECURITY] Fedora 18 Update: mediawiki-1.19.9-1.fc18
2013-12-02 09:33:22
nessus
nessus
Fedora 19 : mediawiki-1.21.3-1.fc19 (2013-21856)
2013-12-02 00:00:00
Fedora 18 : mediawiki-1.19.9-1.fc18 (2013-21874)
2013-12-02 00:00:00
Fedora 20 : mediawiki-1.21.3-1.fc20 (2013-22047)
2013-12-14 00:00:00
openvas
openvas
Fedora Update for mediawiki FEDORA-2013-21856
2013-12-03 00:00:00
Fedora Update for mediawiki FEDORA-2013-21856
2013-12-03 00:00:00
Fedora Update for mediawiki FEDORA-2013-22047
2014-02-03 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
7.1
Confidence
High
EPSS
0.004
Percentile
72.9%
Related for CVE-2013-4569