Platform: php
Component: mediawiki-scratch-login
Fixed in: 1.1.1
CVE-2020-15164 describes an authentication bypass vulnerability in Scratch Login, a MediaWiki extension. This flaw allows attackers to log into any account by manipulating the username with leading, trailing, or repeated underscores, which are incorrectly treated as whitespace. The vulnerability affects installations of Scratch Login prior to version 1.1. A fix was released in version 1.1, addressing the issue by ignoring comments from users with usernames that would be trimmed.
The impact of this vulnerability is significant due to its ease of exploitation and potential for widespread compromise. An attacker can gain unauthorized access to any user account on a MediaWiki installation utilizing Scratch Login. This could lead to data breaches, unauthorized modifications to wiki content, and potential disruption of services. The ability to bypass authentication without needing valid credentials makes this a high-risk vulnerability, particularly for wikis with sensitive information or critical functionality. The simplicity of the attack vector means that even non-technical users could potentially exploit this flaw.
CVE-2020-15164 was publicly disclosed on August 28, 2020. While no active exploitation campaigns have been definitively linked to this vulnerability, its ease of exploitation makes it a potential target. It is not currently listed on CISA KEV. Public proof-of-concept exploits are readily available, increasing the risk of opportunistic attacks.
Wikis running MediaWiki that utilize the Scratch Login extension are at risk. This includes internal documentation wikis, community forums, and any other MediaWiki-based platform relying on this extension. Shared hosting environments where multiple wikis share the same server are particularly vulnerable, as a compromise on one wiki could potentially expose others.
• php / server:
find /var/www/html -name "ScratchLogin.php" -print0 | xargs -0 grep -i "trim(preg_replace"
• php / server:
find /var/www/html -name "ScratchLogin.php" -print0 | xargs -0 grep -i "username = "
• generic web: Check the MediaWiki installation for the presence of the Scratch Login extension and its version; outdated versions are vulnerable.
• generic web: Review MediaWiki access logs for unusual login attempts with usernames containing excessive underscores.
Disclosure
Exploit status
EPSS: 0.26% (49th percentile)
CVSS vector
The primary mitigation for CVE-2020-15164 is to upgrade Scratch Login to version 1.1 or later. If an immediate upgrade is not feasible due to compatibility issues or testing requirements, consider implementing temporary workarounds. While no direct WAF rules can prevent this, strict input validation on username fields within the MediaWiki installation could offer some limited protection. Regularly review user accounts and audit logs for suspicious activity, particularly logins with unusual usernames. After upgrading, confirm the fix by attempting to log in with a username containing leading, trailing, or repeated underscores; the login should fail.
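The two defensive measures above, strict validation of the submitted username and a review of login records for names with leading, trailing or repeated underscores, can be expressed in a few lines. The following is an added example written for this page, not code from the Scratch Login extension or from MediaWiki. It assumes a simplified model of MediaWiki's name handling (underscores and spaces are interchangeable, runs collapse and the ends are trimmed) and uses a constructed log format; the function names `is_trim_safe`, `validate_login_username` and `suspicious_logins` are this example's own.

```python
import re
from typing import List, Tuple

# Constructed sample of login records (not real MediaWiki or web-server output).
# 198.51.100.7 submits several names that only differ from an existing
# account by underscores that would be trimmed or collapsed.
SAMPLE_LOG = """\
2020-08-28T10:00:01Z login user="alice" ip=203.0.113.10 result=success
2020-08-28T10:00:07Z login user="_alice" ip=198.51.100.7 result=success
2020-08-28T10:00:09Z login user="bob__smith" ip=198.51.100.7 result=success
2020-08-28T10:00:12Z login user="Bob Smith" ip=203.0.113.22 result=success
2020-08-28T10:00:15Z login user="carol_" ip=198.51.100.7 result=failure
"""

LOG_RE = re.compile(r'login user="(?P<user>[^"]*)" ip=(?P<ip>\S+) result=(?P<result>\S+)')


def canonical_username(raw: str) -> str:
    """Assumed model of MediaWiki name canonicalisation: underscores are
    equivalent to spaces, runs of either collapse to a single space, and
    leading/trailing whitespace is removed. The real code does more
    (capitalisation, illegal characters); this is enough to show why two
    different submitted strings can resolve to one account."""
    return re.sub(r"[ _]+", " ", raw).strip()


def is_trim_safe(raw: str) -> bool:
    """True only if the submitted name has no leading, trailing or repeated
    underscores/spaces, i.e. canonicalisation changes nothing except the
    underscore-to-space mapping. A single internal underscore is allowed,
    since it maps one-to-one onto the canonical form."""
    if raw == "":
        return False
    return raw.replace("_", " ") == canonical_username(raw)


def validate_login_username(raw: str) -> str:
    """Hardened input check for a login handler: refuse any name that would be
    altered by trimming or collapsing, so the account that is looked up is
    always exactly the one the user typed."""
    if not is_trim_safe(raw):
        raise ValueError(f"username {raw!r} is not in canonical form")
    return raw


def suspicious_logins(log_text: str) -> List[Tuple[str, str, str]]:
    """Scan login records and return (ip, submitted_name, canonical_name) for
    each attempt whose submitted name would be altered by canonicalisation."""
    hits = []
    for m in LOG_RE.finditer(log_text):
        user = m.group("user")
        if not is_trim_safe(user):
            hits.append((m.group("ip"), user, canonical_username(user)))
    return hits


if __name__ == "__main__":
    for ip, user, canon in suspicious_logins(SAMPLE_LOG):
        print(f"{ip}: submitted {user!r} resolves to account {canon!r}")
```

Running the script lists the three attempts from 198.51.100.7; the same `is_trim_safe` test that rejects them at login time is what flags them in the log, so the validation rule and the detection rule cannot drift apart.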
Update the Scratch Login extension to version 1.1 or higher. This version corrects the authentication bypass by validating usernames. The update prevents unauthorized users from gaining access to accounts by means of manipulated usernames containing whitespace.
CVE-2020-15164 is a critical vulnerability in the Scratch Login MediaWiki extension allowing attackers to bypass authentication by manipulating usernames with underscores.
You are affected if you are using Scratch Login version 1.1 or earlier. Check your extension version immediately.
Upgrade Scratch Login to version 1.1 or later to resolve the authentication bypass vulnerability.
While no confirmed active campaigns are known, the ease of exploitation makes it a potential target for opportunistic attacks.
Refer to the MediaWiki security page for details: https://www.mediawiki.org/wiki/Security_alerts