CVE-2018-0505

All Frameworks › MediaWiki › CWE-Other › CVE-2018-0505

CVE-2018-0505

State: PUBLISHED · Published: 2018-10-04 · Updated: 2024-09-16 · Assigner: debian

Description

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock

CWE

(none)

Affected

mediawiki / mediawiki — v=before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 [affected]

CVSS

(none)

References

https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html mailing-list, x_refsource_MLIST
https://phabricator.wikimedia.org/T194605 x_refsource_CONFIRM
http://www.securitytracker.com/id/1041695 vdb-entry, x_refsource_SECTRACK
https://www.debian.org/security/2018/dsa-4301 vendor-advisory, x_refsource_DEBIAN
https://access.redhat.com/errata/RHSA-2019:3142 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3238 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3813 vendor-advisory, x_refsource_REDHAT

Source

cvelistV5-main/cves/2018/0xxx/CVE-2018-0505.json