CVE-2017-17091
First published: Sat Dec 02 2017(Updated: )
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access restrictions by entering this string.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/wordpress | 5.0.15+dfsg1-0+deb10u1 5.0.19+dfsg1-0+deb10u1 5.7.8+dfsg1-0+deb11u2 6.1.1+dfsg1-1 6.3.1+dfsg1-1 | |
| WordPress | <=4.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://security-tracker.debian.org/tracker/CVE-2017-17091
- https://security-tracker.debian.org/tracker/CVE-2017-17092
- https://security-tracker.debian.org/tracker/CVE-2017-17093
- https://security-tracker.debian.org/tracker/CVE-2017-17094
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17091
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17092
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17093
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17094
- https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
- https://anonscm.debian.org/cgit/collab-maint/wordpress.git/commit/?id=5d5ab9f
- https://security-tracker.debian.org/tracker/CVE-2017-16510
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883314
- https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c
- http://www.securityfocus.com/bid/102024
- https://codex.wordpress.org/Version_4.9.1
- https://lists.debian.org/debian-lts-announce/2017/12/msg00019.html
- https://wpvulndb.com/vulnerabilities/8969
- https://www.debian.org/security/2018/dsa-4090
Frequently Asked Questions
What is the severity of CVE-2017-17091?
CVE-2017-17091 is rated as a medium severity vulnerability due to the potential for unauthorized access.
How can I fix CVE-2017-17091?
To fix CVE-2017-17091, update WordPress to version 4.9.1 or later.
What are the affected versions in CVE-2017-17091?
CVE-2017-17091 affects WordPress versions before 4.9.1.
What type of attack does CVE-2017-17091 enable?
CVE-2017-17091 allows remote attackers to bypass access restrictions and manipulate user accounts.
Is there a workaround for CVE-2017-17091?
There are no known effective workarounds for CVE-2017-17091, and updating is the recommended action.
- collector/debian-bugs
- alias/CVE-2017-17091
- collector/security-tracker-debian
- agent/type
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/author
- agent/references
- agent/severity
- agent/weakness
- agent/tags
- agent/description
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/debian
- vendor/wordpress
- canonical/wordpress
- version/wordpress/4.9