CVE-2020-28039 - OpenCVE

is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Canonical	Ubuntu Linux
Wordpress	Wordpress

Configuration 1 [-]

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::

References

Link	Resource
https://github.com/WordPress/wordpress-develop/commit/d5ddd6d4be1bc9fd16b7796842e6fb26315705ad	Patch Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/11/msg00004.html	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHVNK2WYAM3ZTCXTFSEIT56IKLVJHU3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAVVYJKA2I6CRQUINECDPBGWMQDEG244/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXVUAKL2HL4QYJEPHBNVQQWRMFMII2Y/
https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/	Release Notes Vendor Advisory
https://wpscan.com/vulnerability/10452	Third Party Advisory
https://www.debian.org/security/2020/dsa-4784	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-10-31T00:58:46

Updated: 2020-11-11T02:06:38

Reserved: 2020-10-31T00:00:00

Link: CVE-2020-28039

JSON object: View

NVD Information

Status : Modified

Published: 2020-11-02T21:15:31.117

Modified: 2023-11-07T03:21:06.663

Link: CVE-2020-28039

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-11T02:06:38", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/"}, {"tags": ["x_refsource_MISC"], "url": "https://wpscan.com/vulnerability/10452"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/WordPress/wordpress-develop/commit/d5ddd6d4be1bc9fd16b7796842e6fb26315705ad"}, {"name": "[debian-lts-announce] 20201103 [SECURITY] [DLA 2429-1] wordpress security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00004.html"}, {"name": "DSA-4784", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2020/dsa-4784"}, {"name": "FEDORA-2020-15e15c35da", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAVVYJKA2I6CRQUINECDPBGWMQDEG244/"}, {"name": "FEDORA-2020-a764b11b52", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXVUAKL2HL4QYJEPHBNVQQWRMFMII2Y/"}, {"name": "FEDORA-2020-b386fac43a", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHVNK2WYAM3ZTCXTFSEIT56IKLVJHU3/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-28039", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/", "refsource": "MISC", "url": "https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/"}, {"name": "https://wpscan.com/vulnerability/10452", "refsource": "MISC", "url": "https://wpscan.com/vulnerability/10452"}, {"name": "https://github.com/WordPress/wordpress-develop/commit/d5ddd6d4be1bc9fd16b7796842e6fb26315705ad", "refsource": "MISC", "url": "https://github.com/WordPress/wordpress-develop/commit/d5ddd6d4be1bc9fd16b7796842e6fb26315705ad"}, {"name": "[debian-lts-announce] 20201103 [SECURITY] [DLA 2429-1] wordpress security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00004.html"}, {"name": "DSA-4784", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4784"}, {"name": "FEDORA-2020-15e15c35da", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VAVVYJKA2I6CRQUINECDPBGWMQDEG244/"}, {"name": "FEDORA-2020-a764b11b52", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUXVUAKL2HL4QYJEPHBNVQQWRMFMII2Y/"}, {"name": "FEDORA-2020-b386fac43a", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHVNK2WYAM3ZTCXTFSEIT56IKLVJHU3/"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-28039", "datePublished": "2020-10-31T00:58:46", "dateReserved": "2020-10-31T00:00:00", "dateUpdated": "2020-11-11T02:06:38", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D5D80A5-C662-4540-9D2E-9C3F06D1D8FC", "versionEndExcluding": "5.5.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected."}, {"lang": "es", "value": "La funci\u00f3n is_protected_meta en el archivo wp-includes/meta.php en WordPress versiones anteriores a 5.5.2, permite la eliminaci\u00f3n arbitraria de archivos porque no determina apropiadamente si una clave meta es considerada protegida"}], "id": "CVE-2020-28039", "lastModified": "2023-11-07T03:21:06.663", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-02T21:15:31.117", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/WordPress/wordpress-develop/commit/d5ddd6d4be1bc9fd16b7796842e6fb26315705ad"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00004.html"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHVNK2WYAM3ZTCXTFSEIT56IKLVJHU3/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VAVVYJKA2I6CRQUINECDPBGWMQDEG244/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUXVUAKL2HL4QYJEPHBNVQQWRMFMII2Y/"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://wpscan.com/vulnerability/10452"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2020/dsa-4784"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}