Aqua Vulnerability Database
Get Demo
Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities
CVE-2021-45471
Published:
Dec 24, 2021
| Modified:
Nov 07, 2023
CVSS 3.x
5.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVD
https://nvd.nist.gov/vuln/detail/CVE-2021-45471
CWE
https://cwe.mitre.org/data/definitions/.html
In MediaWiki through 1.37, blocked IP addresses are allowed to edit EntitySchema items.
Affected Software
Name
Vendor
Start Version
End Version
Mediawiki
Mediawiki
*
1.37 (including)
References
https://gerrit.wikimedia.org/r/q/Iac86cf63bd014ef99e83dccfce9b8942e15d2bf9
https://gerrit.wikimedia.org/r/q/Id9af124427bcd1e85301d2140a38bf47bbc5622c
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7JNQA53K675TQBBJPZRAG5ZT6XES3IS/
https://phabricator.wikimedia.org/T296578
Aqua Container Security