CVE-2022-2939 - Vulnerability Details

Vendors	Products
Cerber	Wp Cerber Security\, Anti-spam \& Malware Scan

Link	Providers
https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php
https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939

{"containers": {"cna": {"affected": [{"product": "WP Cerber Security, Anti-spam & Malware Scan", "vendor": "gioni", "versions": [{"lessThanOrEqual": "9.0", "status": "affected", "version": "9.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Margaux DABERT (Intrinsec)"}], "descriptions": [{"lang": "en", "value": "The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the ~/cerber-load.php file. In vulnerable versions, the plugin only blocks requests if the value supplied is numeric, making it possible for attackers to supply additional non-numeric characters to bypass the protection. The non-numeric characters are stripped and the user requested is displayed. This can be used by unauthenticated attackers to gather information about users that can targeted in further attacks."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 Information Exposure", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-06T17:19:01", "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939"}, {"tags": ["x_refsource_MISC"], "url": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php"}], "source": {"discovery": "EXTERNAL"}, "title": "WP Cerber Security <= 9.0 - User Enumeration Bypass", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "Wordfence", "ASSIGNER": "security@wordfence.com", "ID": "CVE-2022-2939", "STATE": "PUBLIC", "TITLE": "WP Cerber Security <= 9.0 - User Enumeration Bypass"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "WP Cerber Security, Anti-spam & Malware Scan", "version": {"version_data": [{"version_affected": "<=", "version_name": "9.0", "version_value": "9.0"}]}}]}, "vendor_name": "gioni"}]}}, "credit": [{"lang": "eng", "value": "Margaux DABERT (Intrinsec)"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the ~/cerber-load.php file. In vulnerable versions, the plugin only blocks requests if the value supplied is numeric, making it possible for attackers to supply additional non-numeric characters to bypass the protection. The non-numeric characters are stripped and the user requested is displayed. This can be used by unauthenticated attackers to gather information about users that can targeted in further attacks."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-200 Information Exposure"}]}]}, "references": {"reference_data": [{"name": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939", "refsource": "MISC", "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939"}, {"name": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php", "refsource": "MISC", "url": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php"}]}, "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:52:59.815Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php"}]}]}, "cveMetadata": {"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "assignerShortName": "Wordfence", "cveId": "CVE-2022-2939", "datePublished": "2022-09-06T17:19:01", "dateReserved": "2022-08-22T00:00:00", "dateUpdated": "2024-08-03T00:52:59.815Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cerber:wp_cerber_security\\,_anti-spam_\\&_malware_scan:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "40F38BAC-D89C-4442-88C5-FDA0E3247850", "versionEndIncluding": "9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the ~/cerber-load.php file. In vulnerable versions, the plugin only blocks requests if the value supplied is numeric, making it possible for attackers to supply additional non-numeric characters to bypass the protection. The non-numeric characters are stripped and the user requested is displayed. This can be used by unauthenticated attackers to gather information about users that can targeted in further attacks."}, {"lang": "es", "value": "El plugin WP Cerber Security para WordPress es vulnerable a una omisi\u00f3n de la protecci\u00f3n de seguridad en versiones hasta 9.0, incluy\u00e9ndola, que hace posible una enumeraci\u00f3n de usuarios. Esto es debido a que no es comprobado el valor suministrado mediante el par\u00e1metro \"author\" que es encontrado en el archivo ~/cerber-load.php. En las versiones vulnerables, el plugin s\u00f3lo bloquea las peticiones si el valor suministrado es num\u00e9rico, haciendo posible a atacantes suministren caracteres no num\u00e9ricos adicionales para omitir la protecci\u00f3n. Los caracteres no num\u00e9ricos son eliminados y es mostrado una petici\u00f3n de usuario. Esto puede ser usado por atacantes no autenticados para reunir informaci\u00f3n sobre usuarios que puede ser objetivo de otros ataques."}], "id": "CVE-2022-2939", "lastModified": "2024-11-21T07:01:57.593", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-06T18:15:15.143", "references": [{"source": "security@wordfence.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://plugins.trac.wordpress.org/changeset/2772930/wp-cerber/trunk/cerber-load.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "security@wordfence.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object