JVN#73283159: Multiple vulnerabilities in baserCMS

Overview

baserCMS provided by baserCMS Users Community contains multiple vulnerabilities.

Products Affected

baserCMS 5.0.8 and earlier

Description

baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below.

Reflected cross-site scripting vulnerability in Site search Feature (CWE-79) - CVE-2023-44379

CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1

CVSS v2 AV:N/AC:M/Au:N/C:N/I:P/A:N Base Score: 4.3
Stored cross-site scripting vulnerability in Content Management (CWE-79) - CVE-2024-26128

CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score: 5.4

CVSS v2 AV:N/AC:M/Au:S/C:N/I:P/A:N Base Score: 3.5
OS command injection vulnerability (CWE-78) - CVE-2023-51450

CVSS v3 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score: 8.1

CVSS v2 AV:N/AC:M/Au:N/C:P/I:P/A:P Base Score: 6.8

Impact

An arbitrary script may be executed on the web browser of the user who accessed the site using the product - CVE-2023-44379
An arbitrary script may be executed on the web browser of the user who accessed the administrative page of the product - CVE-2024-26128
An arbitrary OS command may be executed by a remote attacker - CVE-2023-51450

Solution

Update the Software
Update the software to the latest version according to the information provided by the developer.
The developer has released baserCMS 5.0.10 that contains fixes for the vulnerabilities.

Vendor Status

Vendor	Status	Last Update	Vendor Notes
baserCMS Users Community	Vulnerable	2024/04/15	baserCMS Users Community website

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

CVE-2023-44379
Yusuke Uchida of PERSOL CROSS TECHNOLOGY CO., LTD. (Not affiliated at the time of report submission) reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2024-26128
Kentaro Ishii of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2023-51450
Shunsuke Tanizaki reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE	CVE-2023-44379
	CVE-2024-26128
	CVE-2023-51450
JVN iPedia	JVNDB-2024-000022

Update History

2024/04/16: Information under the section [Credit] was updated.
2024/04/16: baserCMS Users Community update status

CVSS v3	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	Base Score: 6.1
CVSS v2	AV:N/AC:M/Au:N/C:N/I:P/A:N	Base Score: 4.3

CVSS v3	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N	Base Score: 5.4
CVSS v2	AV:N/AC:M/Au:S/C:N/I:P/A:N	Base Score: 3.5

CVSS v3	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H	Base Score: 8.1
CVSS v2	AV:N/AC:M/Au:N/C:P/I:P/A:P	Base Score: 6.8

JVN#73283159 Multiple vulnerabilities in baserCMS