CVE-2016-10026 - OpenCVE

ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI interface enabled, which allows remote attackers to revert certain changes by leveraging permissions to change the page before the revision was made.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ikiwiki	Ikiwiki

Configuration 1 [-]

cpe:2.3:a:ikiwiki:ikiwiki:3.20161219:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://ikiwiki.info/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed/
http://www.debian.org/security/2017/dsa-3760
http://www.openwall.com/lists/oss-security/2016/12/21/3
http://www.openwall.com/lists/oss-security/2016/12/29/3
https://ikiwiki.info/security/#index46h2

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-02-13T18:00:00

Updated: 2024-08-06T03:07:31.971Z

Reserved: 2016-12-21T00:00:00

Link: CVE-2016-10026

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-02-13T18:59:00.363

Modified: 2017-11-04T01:29:15.163

Link: CVE-2016-10026

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-12-17T00:00:00", "descriptions": [{"lang": "en", "value": "ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI interface enabled, which allows remote attackers to revert certain changes by leveraging permissions to change the page before the revision was made."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-03T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://ikiwiki.info/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://ikiwiki.info/security/#index46h2"}, {"name": "DSA-3760", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3760"}, {"name": "[oss-security] 20161221 Re: CVE request: ikiwiki: authorization bypass when reverting changes", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/12/21/3"}, {"name": "[oss-security] 20161229 ikiwiki: CVE-2016-9645 (incomplete fix for CVE-2016-10026), CVE-2016-9646 (commit metadata forgery)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/12/29/3"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-10026", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI interface enabled, which allows remote attackers to revert certain changes by leveraging permissions to change the page before the revision was made."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://ikiwiki.info/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed/", "refsource": "CONFIRM", "url": "http://ikiwiki.info/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed/"}, {"name": "https://ikiwiki.info/security/#index46h2", "refsource": "CONFIRM", "url": "https://ikiwiki.info/security/#index46h2"}, {"name": "DSA-3760", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3760"}, {"name": "[oss-security] 20161221 Re: CVE request: ikiwiki: authorization bypass when reverting changes", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/12/21/3"}, {"name": "[oss-security] 20161229 ikiwiki: CVE-2016-9645 (incomplete fix for CVE-2016-10026), CVE-2016-9646 (commit metadata forgery)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/12/29/3"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T03:07:31.971Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://ikiwiki.info/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://ikiwiki.info/security/#index46h2"}, {"name": "DSA-3760", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2017/dsa-3760"}, {"name": "[oss-security] 20161221 Re: CVE request: ikiwiki: authorization bypass when reverting changes", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/12/21/3"}, {"name": "[oss-security] 20161229 ikiwiki: CVE-2016-9645 (incomplete fix for CVE-2016-10026), CVE-2016-9646 (commit metadata forgery)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/12/29/3"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10026", "datePublished": "2017-02-13T18:00:00", "dateReserved": "2016-12-21T00:00:00", "dateUpdated": "2024-08-06T03:07:31.971Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ikiwiki:ikiwiki:3.20161219:*:*:*:*:*:*:*", "matchCriteriaId": "3356F821-E0C4-45AB-AAB8-C371F71F1D04", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI interface enabled, which allows remote attackers to revert certain changes by leveraging permissions to change the page before the revision was made."}, {"lang": "es", "value": "ikiwiki 3.20161219 no verifica adecuadamente si una revisi\u00f3n cambia los permisos de acceso para una p\u00e1gina en sitios con los plugins git y recentchanges y la interfaz CGI habilitados, lo que permite a atacantes remotos revertir ciertos cambios aprovechando permisos para cambiar la p\u00e1gina antes de que sea hecha la revisi\u00f3n."}], "id": "CVE-2016-10026", "lastModified": "2017-11-04T01:29:15.163", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-02-13T18:59:00.363", "references": [{"source": "cve@mitre.org", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "http://ikiwiki.info/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed/"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2017/dsa-3760"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/12/21/3"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/12/29/3"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://ikiwiki.info/security/#index46h2"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "nvd@nist.gov", "type": "Primary"}]}