NVD Vulnerability Detail

CVE-2021-29447

Summary	Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.
Publication Date	April 16, 2021, 6:15 a.m.
Registration Date	April 16, 2021, 10:05 a.m.
Last Update	Nov. 21, 2024, 3:01 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:wordpress:wordpress::::::::		5.6.0			5.7.1

Related information, measures and tools

No	URL	タグ
1	http://packetstormsecurity.com/files/163148/XML-External-Entity-Via-MP3-File-Upload-On-WordPress.html	Third Party Advisory VDB Entry
2	http://packetstormsecurity.com/files/163148/XML-External-Entity-Via-MP3-File-Upload-On-WordPress.html	Third Party Advisory VDB Entry
3	http://packetstormsecurity.com/files/164198/WordPress-5.7-Media-Library-XML-Injection.html	Exploit Third Party Advisory VDB Entry
4	http://packetstormsecurity.com/files/164198/WordPress-5.7-Media-Library-XML-Injection.html	Exploit Third Party Advisory VDB Entry
5	https://blog.sonarsource.com/wordpress-xxe-security-vulnerability/	Exploit Third Party Advisory
6	https://blog.sonarsource.com/wordpress-xxe-security-vulnerability/	Exploit Third Party Advisory
7	https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rv47-pc52-qrhh	Third Party Advisory
8	https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rv47-pc52-qrhh	Third Party Advisory
9	https://lists.debian.org/debian-lts-announce/2021/04/msg00017.html	Mailing List Third Party Advisory
10	https://lists.debian.org/debian-lts-announce/2021/04/msg00017.html	Mailing List Third Party Advisory
11	https://wordpress.org/news/category/security/	Release Notes Vendor Advisory
12	https://wordpress.org/news/category/security/	Release Notes Vendor Advisory
13	https://www.debian.org/security/2021/dsa-4896	Third Party Advisory
14	https://www.debian.org/security/2021/dsa-4896	Third Party Advisory

Common Vulnerabilities List

JVN Vulnerability Information

WordPress の Media Library における XML 外部エンティティの脆弱性

Title	WordPress の Media Library における XML 外部エンティティの脆弱性
Summary	WordPress の Media Library には、WordPress のインストールで PHP 8 を使用する場合、XML 構文解析に不備があるため、XML 外部エンティティの脆弱性が存在します。
Possible impacts	ファイルをアップロードできるユーザ (作成者など) により、XXE 攻撃をされることで、内部ファイルにアクセスされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	April 15, 2021, midnight
Registration Date	Jan. 6, 2022, 4:03 p.m.
Last Update	Jan. 6, 2022, 4:03 p.m.

Affected System

Debian

Debian GNU/Linux

WordPress.org

WordPress

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2021-29447	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29447
National Vulnerability Database (NVD)
2	CVE-2021-29447	https://nvd.nist.gov/vuln/detail/CVE-2021-29447

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-611	https://cwe.mitre.org/data/definitions/611.html

ベンダー情報

No	Name	URL
Debian
1	[SECURITY] [DLA 2630-1] wordpress security update	https://lists.debian.org/debian-lts-announce/2021/04/msg00017.html
Debian Security Advisory
2	DSA-4896-1	https://www.debian.org/security/2021/dsa-4896
GitHub
3	WordPress: Authenticated XXE attack when installation is running PHP 8	https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rv47-pc52-qrhh
WordPress.org
4	Security Category Archive	https://wordpress.org/news/category/security/

Change Log

No	Changed Details	Date of change
1	[2022年01月06日] 掲載	Jan. 6, 2022, 4:03 p.m.