CVE-2015-4630

18.10.2018, 21:29

Multiple cross-site request forgery (CSRF) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to (1) hijack the authentication of administrators for requests that create a user via a request to members/memberentry.pl or (2) give a user superlibrarian permission via a request to members/member-flags.pl or (3) hijack the authentication of arbitrary users for requests that conduct cross-site scripting (XSS) attacks via the addshelf parameter to opac-shelves.pl.

CSRF

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8 HIGH	NETWORK	LOW	LOW	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 70%

Vendor	Product	Version
koha	koha	3.14.00 ≤ 𝑥 < 3.14.16
koha	koha	3.16.00 ≤ 𝑥 < 3.16.12
koha	koha	3.18.0 ≤ 𝑥 < 3.18.8
koha	koha	3.20.00 ≤ 𝑥 < 3.20.1

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-352 - Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14423

https://koha-community.org/koha-3-14-16-released/

https://koha-community.org/security-release-koha-3-16-12/

https://koha-community.org/security-release-koha-3-18-8/

https://koha-community.org/security-release-koha-3-20-1/

https://packetstormsecurity.com/files/132458/Koha-ILS-3.20.x-CSRF-XSS-Traversal-SQL-Injection.html

https://seclists.org/fulldisclosure/2015/Jun/80

https://www.exploit-db.com/exploits/37389/

https://www.sba-research.org/2015/06/24/researchers-of-sba-research-found-several-critical-security-vulnerabilities-in-the-koha-library-software-via-combinatorial-testing/

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14423

https://koha-community.org/koha-3-14-16-released/

https://koha-community.org/security-release-koha-3-16-12/

https://koha-community.org/security-release-koha-3-18-8/

https://koha-community.org/security-release-koha-3-20-1/

https://packetstormsecurity.com/files/132458/Koha-ILS-3.20.x-CSRF-XSS-Traversal-SQL-Injection.html

https://seclists.org/fulldisclosure/2015/Jun/80

https://www.exploit-db.com/exploits/37389/

https://www.sba-research.org/2015/06/24/researchers-of-sba-research-found-several-critical-security-vulnerabilities-in-the-koha-library-software-via-combinatorial-testing/