CVE Vulnerabilities

CVE-2013-0209

Improper Authentication

Published: Jan 23, 2013 | Modified: Jan 29, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require authentication for requests to database-migration functions, which allows remote attackers to conduct eval injection and SQL injection attacks via crafted parameters, as demonstrated by an eval injection attack against the core_drop_meta_for_table function, leading to execution of arbitrary Perl code.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Movable_type Sixapart 4.21 (including) 4.21 (including)
Movable_type Sixapart 4.22 (including) 4.22 (including)
Movable_type Sixapart 4.23 (including) 4.23 (including)
Movable_type Sixapart 4.24 (including) 4.24 (including)
Movable_type Sixapart 4.25 (including) 4.25 (including)
Movable_type Sixapart 4.26 (including) 4.26 (including)
Movable_type Sixapart 4.27 (including) 4.27 (including)
Movable_type Sixapart 4.28 (including) 4.28 (including)
Movable_type Sixapart 4.29 (including) 4.29 (including)
Movable_type Sixapart 4.31 (including) 4.31 (including)
Movable_type Sixapart 4.32 (including) 4.32 (including)
Movable_type Sixapart 4.33 (including) 4.33 (including)
Movable_type Sixapart 4.34 (including) 4.34 (including)
Movable_type Sixapart 4.35 (including) 4.35 (including)
Movable_type Sixapart 4.36 (including) 4.36 (including)
Movable_type Sixapart 4.37 (including) 4.37 (including)
Movable_type Sixapart 4.38 (including) 4.38 (including)
Movable_type Sixapart 4.261 (including) 4.261 (including)
Movable_type Sixapart 4.291 (including) 4.291 (including)
Movable_type Sixapart 4.292 (including) 4.292 (including)
Movable_type Sixapart 4.361 (including) 4.361 (including)

Potential Mitigations

References