CVE-2014-9573

MantisBT 1.2.17 XSS / Improper Access Control / SQL Injection

Severity Score

6.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

SQL injection vulnerability in manage_user_page.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote administrators with FILE privileges to execute arbitrary SQL commands via the MANTIS_MANAGE_USERS_COOKIE cookie.

Vulnerabilidad de inyección SQL en manage_user_page.php en MantisBT anterior a 1.2.19 y 1.3.x anterior a 1.3.0-beta.2 permite a administradores remotos con privilegios FILE ejecutar comandos SQL arbitrarios a través de la cookie MANTIS_MANAGE_USERS_COOKIE.

MantisBT version 1.2.17 suffers from improper access control, cross site scripting, and remote SQL injection vulnerabilities.

*Credits: N/A

CVSS Scores

NISTv2 6.0

Attack Vector

Network

Attack Complexity

Medium

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-01-07 CVE Reserved
2015-01-26 CVE Published
2024-08-06 CVE Updated
2024-08-06 First Exploit
2024-09-07 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CAPEC

References (8)

URL	Tag	Source
http://www.securitytracker.com/id/1031633	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/100210	Vdb Entry
https://github.com/mantisbt/mantisbt/commit/69c2d28d	X_refsource_confirm
https://github.com/mantisbt/mantisbt/commit/7cc4539f	X_refsource_confirm
https://www.htbridge.com/advisory/HTB23243	X_refsource_misc
https://www.mantisbt.org/bugs/view.php?id=17937	X_refsource_confirm

URL	Date	SRC
http://seclists.org/oss-sec/2015/q1/157	2024-08-06
https://www.mantisbt.org/bugs/view.php?id=17940	2024-08-06

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Mantisbt Search vendor "Mantisbt"		Mantisbt Search vendor "Mantisbt" for product "Mantisbt"				<= 1.2.18 Search vendor "Mantisbt" for product "Mantisbt" and version " <= 1.2.18"		-		Affected
Mantisbt Search vendor "Mantisbt"		Mantisbt Search vendor "Mantisbt" for product "Mantisbt"				1.3.0 Search vendor "Mantisbt" for product "Mantisbt" and version "1.3.0"		beta1		Affected