CVE-2020-11037 Information

Description

In Wagtail before versions 2.7.2 and 2.8.2 a potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail’s \Privacy\ controls. This password check is performed through a character-by-character string comparison and so an attacker who is able to measure the time taken by this check to a high degree of accuracy could potentially use timing differences to gain knowledge of the password. This is understood to be feasible on a local network but not on the public internet. Privacy settings that restrict access to pages/documents on a per-user or per-group basis (as opposed to a shared password) are unaffected by this vulnerability. This has been patched in 2.7.3 2.8.2 2.9.

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

https://github.com/wagtail/wagtail/security/advisories/GHSA-jjjr-3jcw-f8v6

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

4.7