CVE-2020-5577

14.05.2020, 02:15

Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allow remote authenticated attackers to upload arbitrary files and execute a php script via unspecified vectors.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.8 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
jpcert	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 73%

Vendor	Product	Version
sixapart	movable_type	𝑥 ≤ 1.29
sixapart	movable_type	𝑥 ≤ 1.29
sixapart	movable_type	6.3 ≤ 𝑥 ≤ 6.3.11
sixapart	movable_type	6.3 ≤ 𝑥 ≤ 6.3.11
sixapart	movable_type	6.5.0 ≤ 𝑥 ≤ 6.5.3
sixapart	movable_type	6.5.0 ≤ 𝑥 ≤ 6.5.3
sixapart	movable_type	7.0 ≤ 𝑥 ≤ 7.2.1
sixapart	movable_type	7.0 ≤ 𝑥 ≤ 7.2.1
sixapart	movable_type	7.0 ≤ 𝑥 ≤ 7.2.1

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

movabletype-opensource

focal	dne
eoan	dne
bionic	dne
xenial	dne
trusty	dne
precise	ignored

Common Weakness Enumeration

CWE-434 - Unrestricted Upload of File with Dangerous Type
The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

References

https://jvn.jp/en/jp/JVN28806943/index.html

https://movabletype.org/news/2020/05/mt-730-660-6312-released.html

https://jvn.jp/en/jp/JVN28806943/index.html

https://movabletype.org/news/2020/05/mt-730-660-6312-released.html