Published:2024/03/08 Last Updated:2024/03/08
JVN#48443978
a-blog cms vulnerable to directory traversal
Overview
a-blog cms contains a directory traversal vulnerability.
Products Affected
- a-blog cms Ver.3.1.x series versions Ver.3.1.9 and earlier
- a-blog cms Ver.3.0.x series versions Ver.3.0.30 and earlier
- a-blog cms Ver.2.11.x series versions Ver.2.11.59 and earlier
- a-blog cms Ver.2.10.x series versions Ver.2.10.51 and earlier
Description
a-blog cms provided by appleple Inc. is a content management system (CMS). a-blog cms contains a directory traversal vulnerability (CWE-22).
Impact
A user with editor or higher privilege who can log in to the product may obtain arbitrary files on the server including password files.
Solution
Update the Software
Update the software to the latest version according to the information provided by the developer.
Apply the workaround
Removing the following file may mitigate the impact of this vulnerability.
- php/ACMS/POST/PingWeblogUpdate.php
Vendor Status
| Vendor | Status | Last Update | Vendor Notes |
|---|---|---|---|
| appleple inc. | Vulnerable | 2024/03/08 | appleple inc. website |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
CVSS v3
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score:
6.5
| Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
|---|---|---|---|---|
| Attack Complexity(AC) | High (H) | Low (L) | ||
| Privileges Required(PR) | High (H) | Low (L) | None (N) | |
| User Interaction(UI) | Required (R) | None (N) | ||
| Scope(S) | Unchanged (U) | Changed (C) | ||
| Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
| Integrity Impact(I) | None (N) | Low (L) | High (H) | |
| Availability Impact(A) | None (N) | Low (L) | High (H) |
CVSS v2
AV:N/AC:L/Au:S/C:C/I:N/A:N
Base Score:
6.8
| Access Vector(AV) | Local (L) | Adjacent Network (A) | Network (N) |
|---|---|---|---|
| Access Complexity(AC) | High (H) | Medium (M) | Low (L) |
| Authentication(Au) | Multiple (M) | Single (S) | None (N) |
| Confidentiality Impact(C) | None (N) | Partial (P) | Complete (C) |
| Integrity Impact(I) | None (N) | Partial (P) | Complete (C) |
| Availability Impact(A) | None (N) | Partial (P) | Complete (C) |
Credit
Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2024-27279 |
| JVN iPedia |
JVNDB-2024-000030 |