Published: 2022/10/11  Last Updated: 2022/10/11

JVN#74592196
bingo!CMS vulnerable to authentication bypass
Critical

Overview

bingo!CMS provided by Shift Tech Inc. contains an authentication bypass vulnerability.

Products Affected

  • bingo!CMS version 1.7.4.1 and earlier

Description

bingo!CMS provided by Shift Tech Inc. contains an authentication bypass vulnerability (CWE-288) in some of the management functions.

Shift Tech Inc. states that attacks exploiting this vulnerability have been observed.

Impact

By accessing a specific URL directly, a remote unauthenticated attacker may upload an arbitrary file.
As a result, an arbitrary script may be executed and/or a file may be altered.

Solution

Update the software
Update the software to the latest version according to the information provided by the developer.
This vulnerability has been addressed in version 1.7.4.2.

References

  1. Information-technology Promotion Agency, Japan (IPA)
    Security Updates Available for bingo!CMS (JVN#74592196) (in Japanese)

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score: 7.5
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality Impact (C): None (N)
Integrity Impact (I): High (H)
Availability Impact (A): None (N)
CVSS v2 AV:N/AC:L/Au:N/C:N/I:P/A:N
Base Score: 5.0
Access Vector (AV): Network (N)
Access Complexity (AC): Low (L)
Authentication (Au): None (N)
Confidentiality Impact (C): None (N)
Integrity Impact (I): Partial (P)
Availability Impact (A): None (N)

Credit

Shift Tech Inc. reported this vulnerability to IPA to notify users of its solution through JVN.
JPCERT/CC and Shift Tech Inc. coordinated under the Information Security Early Warning Partnership.

Other Information

JPCERT Alert JPCERT-AT-2022-0026
Alert Regarding Authentication Bypass Vulnerability (CVE-2022-42458) in bingo!CMS
CVE CVE-2022-42458
JVN iPedia JVNDB-2022-000078

Update History

2022/10/11
Information under the [References] and [Other Information] sections was updated.