JVN#34565930
Multiple vulnerabilities in a-blog cms
Overview
a-blog cms contains multiple vulnerabilities.
Products Affected
- a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7
- a-blog cms Ver.3.0.x series versions prior to Ver.3.0.29
- a-blog cms Ver.2.11.x series versions prior to Ver.2.11.58
- a-blog cms Ver.2.10.x series versions prior to Ver.2.10.50
Description
a-blog cms provided by appleple inc. contains multiple vulnerabilities listed below.
- Improper input validation (CWE-20) - CVE-2024-23180
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N Base Score: 3.5 CVSS v2 AV:N/AC:M/Au:S/C:N/I:P/A:N Base Score: 3.5 - Cross-site scripting (CWE-79) - CVE-2024-23181
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1 CVSS v2 AV:N/AC:M/Au:N/C:N/I:P/A:N Base Score: 4.3 - Relative path traversal (CWE-23) - CVE-2024-23182
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N Base Score: 5.0 CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0 - Cross-site scripting (CWE-79) - CVE-2024-23183
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score: 5.4 CVSS v2 AV:N/AC:M/Au:S/C:N/I:P/A:N Base Score: 3.5 - Improper input validation (CWE-20) - CVE-2024-23348
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score: 5.4 CVSS v2 AV:N/AC:M/Au:S/C:N/I:P/A:N Base Score: 3.5 - Cross-site scripting (CWE-79) - CVE-2024-23782
CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score: 5.4 CVSS v2 AV:N/AC:M/Au:S/C:N/I:P/A:N Base Score: 3.5
Impact
- An attacker may execute arbitrary code by uploading a specially crafted SVG file - CVE-2024-23180
- An arbitrary script may be executed on the logged-in user's web browser - CVE-2024-23181, CVE-2024-23183
- An attacker may delete arbitrary files on the server - CVE-2024-23182
- An attacker may execute arbitrary JavaScript code by uploading a specially crafted SVG file - CVE-2024-23348
- A user with a contributor or higher privilege may execute an arbitrary script on the web browser of the user who accessed the website using the product - CVE-2024-23782
Solution
CVE-2024-23180, CVE-2024-23181, CVE-2024-23182, CVE-2024-23183, CVE-2024-23348
Update the Software
Update the software to the latest version according to the information provided by the developer.
CVE-2024-23782
Update the Software and activate option
Update the software to the latest version according to the information provided by the developer.
After updating, add the following line to private/config.system.yaml
strip_dangerous_tag: on
For more information, refer to the information provided by the developer.
Vendor Status
| Vendor | Status | Last Update | Vendor Notes |
|---|---|---|---|
| appleple inc. | Vulnerable | 2024/01/22 | appleple inc. website |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
CVE-2024-23180
Naoya Miyaguchi reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVE-2024-23181
Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVE-2024-23182, CVE-2024-23183
Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVE-2024-23348, CVE-2024-23782
Yuta Morioka of Information Science College reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2024-23180 |
|
CVE-2024-23181 |
|
|
CVE-2024-23182 |
|
|
CVE-2024-23183 |
|
|
CVE-2024-23348 |
|
|
CVE-2024-23782 |
|
| JVN iPedia |
JVNDB-2024-000011 |
Update History
- 2024/01/22
- Information under the section [Products Affected] was updated.
- 2024/01/25
- Information under the section [Description], [Impact], [Solution], [Credit], and [Other Information] was updated.