JVN#78501037
Movable Type plugin A-Member and A-Reserve vulnerable to SQL injection
Overview
Movable Type plugin A-Member and A-Reserve contain an SQL injection vulnerability.
Products Affected
- A-Member 3.8.6 and earlier (CVE-2017-10898)
- A-Member for MT cloud 3.8.6 and earlier (CVE-2017-10898)
- A-Reserve 3.8.6 and earlier (CVE-2017-10899)
- A-Reserve for MT cloud 3.8.6 and earlier (CVE-2017-10899)
Description
A-Member and A-Reserve, provided by ARK-Web co., ltd., are plugins for Movable Type that provide functions for building a membership website or a reservation website. A-Member and A-Reserve contain an SQL injection vulnerability (CWE-89) caused by improper handling of cookie values.
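The cookie-derived SQL injection described above, as an added illustration that is not the plugin's own code (A-Member and A-Reserve are Perl plugins for Movable Type; this Python sketch uses a constructed in-memory members table and hypothetical function names only to contrast the weak pattern with its parameterized fix and a log-side check):

```python
import sqlite3


def make_db():
    # Constructed in-memory table standing in for a membership database.
    # The schema is illustrative and is not the A-Member/A-Reserve schema.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE member (id INTEGER, session_token TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO member VALUES (?, ?, ?)",
        [
            (1, "tok-alice-1", "alice@example.com"),
            (2, "tok-bob-2", "bob@example.com"),
        ],
    )
    return db


def lookup_vulnerable(db, cookie_token):
    # Weak pattern (CWE-89): the raw cookie value is pasted into the SQL text,
    # so whoever sets the cookie controls part of the query.
    sql = "SELECT email FROM member WHERE session_token = '%s'" % cookie_token
    return [row[0] for row in db.execute(sql)]


def lookup_fixed(db, cookie_token):
    # Hardened form: the cookie value is passed as a bound parameter and can
    # only ever be compared as data, never parsed as SQL.
    sql = "SELECT email FROM member WHERE session_token = ?"
    return [row[0] for row in db.execute(sql, (cookie_token,))]


def suspicious_cookie(cookie_token):
    # Detection aid for access-log review: a session cookie should be an
    # opaque identifier, so quotes or SQL comment markers in it are worth
    # alerting on even after the query itself has been fixed.
    markers = ("'", '"', "--", "/*")
    return any(m in cookie_token for m in markers)
```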
Impact
An attacker who can access the web page created by using either A-Member or A-Reserve may obtain or alter information stored in the database.
Solution
Update the Software
Apply the latest version for the appropriate plugin according to the information provided by the developer.
Vendor Status
Vendor | Status | Last Update | Vendor Notes
---|---|---|---
ARK-Web co., ltd. | Vulnerable | 2017/11/30 | ARK-Web co., ltd. website
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
CVSS v3 base metrics (Attack Vector, Attack Complexity, Privileges Required, User Interaction, Scope, Confidentiality, Integrity, Availability) and CVSS v2 base metrics (Access Vector, Access Complexity, Authentication, Confidentiality, Integrity, Availability): assigned values not shown.
Credit
Yuuta Watanabe of STNet, Incorporated reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under the Information Security Early Warning Partnership.
Other Information
Source | Identifier
---|---
JPCERT Alert | none listed
JPCERT Reports | none listed
CERT Advisory | none listed
CPNI Advisory | none listed
TRnotes | none listed
CVE | CVE-2017-10898, CVE-2017-10899
JVN iPedia | JVNDB-2017-000243
Update History
- 2017/12/01
- Fixed typing errors in [Products Affected].