WBCE CMS Header class.login.php increase_attempts X-Forwarded-For excessive authentication

A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by this issue is the function increase_attempts of the file wbce/framework/class.login.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of excessive authentication attempts. Using CWE to declare the problem leads to CWE-307. The weakness was released 11/15/2022 as d394ba39a7bfeb31eda797b6195fd90ef74b2e75. The advisory is shared for download at github.com. This vulnerability is handled as CVE-2022-4006. The attack may be launched remotely. Technical details are available. There is no exploit available. The current price for an exploit might be approx. USD $0-$5k at the moment. The MITRE ATT&CK project declares the attack technique as T1110.001. It is declared as not defined. As 0-day the estimated underground price was around $0-$5k. The name of the patch is d394ba39a7bfeb31eda797b6195fd90ef74b2e75. The bugfix is ready for download at github.com. It is recommended to apply a patch to fix this issue. A possible mitigation has been published before and not just after the disclosure of the vulnerability.

Field11/15/2022 21:3912/18/2022 16:0212/18/2022 16:08
vendorWBCEWBCEWBCE
nameCMSCMSCMS
componentHeader HandlerHeader HandlerHeader Handler
filewbce/framework/class.login.phpwbce/framework/class.login.phpwbce/framework/class.login.php
functionincrease_attemptsincrease_attemptsincrease_attempts
argumentX-Forwarded-ForX-Forwarded-ForX-Forwarded-For
cwe307 (excessive authentication)307 (excessive authentication)307 (excessive authentication)
risk111
cvss3_vuldb_avNNN
cvss3_vuldb_acHHH
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iNNN
cvss3_vuldb_aNNN
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
urlhttps://github.com/WBCE/WBCE_CMS/issues/524https://github.com/WBCE/WBCE_CMS/issues/524https://github.com/WBCE/WBCE_CMS/issues/524
namePatchPatchPatch
patch_named394ba39a7bfeb31eda797b6195fd90ef74b2e75d394ba39a7bfeb31eda797b6195fd90ef74b2e75d394ba39a7bfeb31eda797b6195fd90ef74b2e75
patch_urlhttps://github.com/wbce/wbce_cms/commit/d394ba39a7bfeb31eda797b6195fd90ef74b2e75https://github.com/wbce/wbce_cms/commit/d394ba39a7bfeb31eda797b6195fd90ef74b2e75https://github.com/wbce/wbce_cms/commit/d394ba39a7bfeb31eda797b6195fd90ef74b2e75
cveCVE-2022-4006CVE-2022-4006CVE-2022-4006
responsibleVulDBVulDBVulDB
date1668466800 (11/15/2022)1668466800 (11/15/2022)1668466800 (11/15/2022)
typeContent Management SystemContent Management SystemContent Management System
cvss2_vuldb_avNNN
cvss2_vuldb_acHHH
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiNNN
cvss2_vuldb_aiNNN
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore2.62.62.6
cvss2_vuldb_tempscore2.32.32.3
cvss3_vuldb_basescore3.73.73.7
cvss3_vuldb_tempscore3.63.63.6
cvss3_meta_basescore3.73.75.0
cvss3_meta_tempscore3.63.64.9
price_0day$0-$5k$0-$5k$0-$5k
identifierd394ba39a7bfeb31eda797b6195fd90ef74b2e75d394ba39a7bfeb31eda797b6195fd90ef74b2e75
cve_assigned1668466800 (11/15/2022)1668466800 (11/15/2022)
cve_nvd_summaryA vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by this issue is the function increase_attempts of the file wbce/framework/class.login.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The name of the patch is d394ba39a7bfeb31eda797b6195fd90ef74b2e75. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213716.A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by this issue is the function increase_attempts of the file wbce/framework/class.login.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The name of the patch is d394ba39a7bfeb31eda797b6195fd90ef74b2e75. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213716.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iN
cvss3_nvd_aN
cvss3_cna_avN
cvss3_cna_acH
cvss3_cna_prN
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cL
cvss3_cna_iN
cvss3_cna_aN
cve_cnaVulDB
cvss3_nvd_basescore7.5
cvss3_cna_basescore3.7

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!