Mozilla Bugzilla 4.0.13/4.2.9/4.4.4/4.5.4 JSONP Endpoint SWF File cross-site request forgery

| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 4.1 | $0-$5k | 0.00 |
Summary
A vulnerability was found in Mozilla Bugzilla 4.0.13/4.2.9/4.4.4/4.5.4. It has been classified as problematic. This issue affects some unknown processing of the component JSONP Endpoint. The manipulation as part of a SWF File leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2014-1546. The attack can be carried out remotely. An exploit is available. Upgrading the affected component is recommended.
Details
A vulnerability was found in Mozilla Bugzilla 4.0.13/4.2.9/4.4.4/4.5.4 (Bug Tracking Software). It has been rated as problematic. This issue affects an unknown code block of the component JSONP Endpoint. The manipulation as part of a SWF File leads to a cross-site request forgery vulnerability. Using CWE to declare the problem leads to CWE-352: the web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted it. Integrity is impacted.
The weakness was disclosed 07/24/2014 by Mario Gomes, Reed Loden, Simon Green and Byron Jones in the "Security advisory for Bugzilla 4.5.5, 4.4.5, 4.2.10, and 4.0.14", a confirmed advisory (Bugzilla). The advisory is available at bugzilla.org. The identification of this vulnerability has been CVE-2014-1546 since 01/16/2014. Exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for successful exploitation, but the victim must perform some kind of user interaction. Technical details are unknown, but an exploit is available.
The exploit is declared as highly functional. The vulnerability scanner Nessus provides a plugin with the ID 77779 (Bugzilla < 4.0.14 / 4.2.10 / 4.4.5 / 4.5.5 CSRF Vulnerability), which helps to determine whether the flaw is present in a target environment. It is assigned to the family CGI abuses. The commercial vulnerability scanner Qualys is able to test this issue with plugin 123329 (Fedora Security Update for bugzilla (FEDORA-2015-1699)).
Upgrading to version 4.0.13, 4.2.9, 4.4.4 or 4.5.4 eliminates this vulnerability. A possible mitigation was published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (94888), Tenable (77779), SecurityFocus (BID 68902†), SecurityTracker (ID 1030648†) and Vulnerability Center (SBV-45735†). Be aware that VulDB is the high quality source for vulnerability data.
Product
- Vendor: https://www.mozilla.org/
CVSSv3
VulDB Meta Base Score: 4.3
VulDB Meta Temp Score: 4.1
VulDB Base Score: 4.3
VulDB Temp Score: 4.1
Exploiting
Class: Cross-site request forgery
CWE: CWE-352 / CWE-862 / CWE-863
Physical: No
Local: No
Remote: Yes
Status: Highly functional
Nessus ID: 77779
Nessus Name: Bugzilla < 4.0.14 / 4.2.10 / 4.4.5 / 4.5.5 CSRF Vulnerability
OpenVAS ID: 867773
OpenVAS Name: Fedora Update for bugzilla FEDORA-2015-1699
Countermeasures
Recommended: Upgrade
Upgrade: Bugzilla 4.0.13/4.2.9/4.4.4/4.5.4
Timeline
- 01/16/2014
- 07/24/2014
- 07/24/2014
- 07/24/2014
- 07/24/2014
- 07/25/2014
- 07/29/2014
- 08/10/2014
- 08/14/2014
- 09/22/2014
- 02/10/2022
Sources
Vendor: mozilla.org
Advisory: Security advisory for Bugzilla 4.5.5, 4.4.5, 4.2.10, and 4.0.14
Researcher: Mario Gomes, Reed Loden, Simon Green, Byron Jones
Status: Confirmed
CVE: CVE-2014-1546
GCVE (CVE): GCVE-0-2014-1546
GCVE (VulDB): GCVE-100-67247
X-Force: 94888 - Mozilla Bugzilla SWF cross-site request forgery, Medium Risk
SecurityFocus: 68902 - Bugzilla CVE-2014-1546 Cross Site Request Forgery Vulnerability
SecurityTracker: 1030648 - Bugzilla Input Validation Flaw in JSONP Endpoint Permits Cross-Site Request Forgery Attacks
Vulnerability Center: 45735 - Mozilla Bugzilla Remote CSRF due to Improper User Input Validation of HTTP Requests Containing SWF Content Type, Medium
scip Labs: https://www.scip.ch/en/?labs.20161013
Entry
Created: 07/29/2014 17:39
Updated: 02/10/2022 00:22
Changes: 07/29/2014 17:39 (81), 06/04/2017 10:35 (5), 02/10/2022 00:13 (3), 02/10/2022 00:22 (1)