CVE-2015-8623
N/A
N/A
Summary
The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12 and 1.24.x before 1.24.5 does not perform token comparison in constant time before returning, which allows remote attackers to guess the edit token and bypass CSRF protection via a timing attack, a different vulnerability than CVE-2015-8624.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html
- http://www.openwall.com/lists/oss-security/2015/12/23/7
- https://phabricator.wikimedia.org/T119309
- http://www.openwall.com/lists/oss-security/2015/12/21/8
- https://gerrit.wikimedia.org/r/#/c/156336/5/includes/User.php
References
- https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-December/000186.html
- http://www.openwall.com/lists/oss-security/2015/12/23/7
- https://phabricator.wikimedia.org/T119309
- http://www.openwall.com/lists/oss-security/2015/12/21/8
- https://gerrit.wikimedia.org/r/#/c/156336/5/includes/User.php
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.