Vulnerability-Lookup

FKIE_CVE-2014-0166

Vulnerability from fkie_nvd - Published: 2014-04-10 00:55 - Updated: 2025-04-12 10:46

Severity ?

Summary

The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it easier for remote attackers to obtain access via a forged cookie.

References

URL	Tags
secalert@redhat.com	http://codex.wordpress.org/Version_3.7.2	Vendor Advisory
secalert@redhat.com	http://codex.wordpress.org/Version_3.8.2	Vendor Advisory
secalert@redhat.com	http://core.trac.wordpress.org/changeset/28054
secalert@redhat.com	http://www.debian.org/security/2014/dsa-2901
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1085858
af854a3a-2127-422b-91ae-364da2661108	http://codex.wordpress.org/Version_3.7.2	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://codex.wordpress.org/Version_3.8.2	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://core.trac.wordpress.org/changeset/28054
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2014/dsa-2901
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1085858

Impacted products

Vendor	Product	Version
wordpress	wordpress	*
wordpress	wordpress	0.71
wordpress	wordpress	1.0
wordpress	wordpress	1.0.1
wordpress	wordpress	1.0.2
wordpress	wordpress	1.1.1
wordpress	wordpress	1.2
wordpress	wordpress	1.2.1
wordpress	wordpress	1.2.2
wordpress	wordpress	1.2.3
wordpress	wordpress	1.2.4
wordpress	wordpress	1.2.5
wordpress	wordpress	1.2.5
wordpress	wordpress	1.3
wordpress	wordpress	1.3.2
wordpress	wordpress	1.3.3
wordpress	wordpress	1.5
wordpress	wordpress	1.5.1
wordpress	wordpress	1.5.1.1
wordpress	wordpress	1.5.1.2
wordpress	wordpress	1.5.1.3
wordpress	wordpress	1.5.2
wordpress	wordpress	1.6.2
wordpress	wordpress	2.0
wordpress	wordpress	2.0.1
wordpress	wordpress	2.0.2
wordpress	wordpress	2.0.4
wordpress	wordpress	2.0.5
wordpress	wordpress	2.0.6
wordpress	wordpress	2.0.7
wordpress	wordpress	2.0.8
wordpress	wordpress	2.0.9
wordpress	wordpress	2.0.10
wordpress	wordpress	2.0.11
wordpress	wordpress	2.1
wordpress	wordpress	2.1.1
wordpress	wordpress	2.1.2
wordpress	wordpress	2.1.3
wordpress	wordpress	2.2
wordpress	wordpress	2.2.1
wordpress	wordpress	2.2.2
wordpress	wordpress	2.2.3
wordpress	wordpress	2.3
wordpress	wordpress	2.3.1
wordpress	wordpress	2.3.2
wordpress	wordpress	2.3.3
wordpress	wordpress	2.5
wordpress	wordpress	2.5.1
wordpress	wordpress	2.6
wordpress	wordpress	2.6.1
wordpress	wordpress	2.6.2
wordpress	wordpress	2.6.3
wordpress	wordpress	2.6.5
wordpress	wordpress	2.7
wordpress	wordpress	2.7.1
wordpress	wordpress	2.8
wordpress	wordpress	2.8.1
wordpress	wordpress	2.8.2
wordpress	wordpress	2.8.3
wordpress	wordpress	2.8.4
wordpress	wordpress	2.8.4
wordpress	wordpress	2.8.5
wordpress	wordpress	2.8.5.1
wordpress	wordpress	2.8.5.2
wordpress	wordpress	2.8.6
wordpress	wordpress	2.9
wordpress	wordpress	2.9.1
wordpress	wordpress	2.9.1.1
wordpress	wordpress	2.9.2
wordpress	wordpress	3.0
wordpress	wordpress	3.0.1
wordpress	wordpress	3.0.2
wordpress	wordpress	3.0.3
wordpress	wordpress	3.0.4
wordpress	wordpress	3.0.5
wordpress	wordpress	3.0.6
wordpress	wordpress	3.1
wordpress	wordpress	3.1.1
wordpress	wordpress	3.1.2
wordpress	wordpress	3.1.3
wordpress	wordpress	3.1.4
wordpress	wordpress	3.2
wordpress	wordpress	3.2
wordpress	wordpress	3.2.1
wordpress	wordpress	3.3
wordpress	wordpress	3.3.1
wordpress	wordpress	3.3.2
wordpress	wordpress	3.3.3
wordpress	wordpress	3.4.0
wordpress	wordpress	3.4.1
wordpress	wordpress	3.4.2
wordpress	wordpress	3.5.0
wordpress	wordpress	3.5.1
wordpress	wordpress	3.6
wordpress	wordpress	3.6.1
wordpress	wordpress	3.7
wordpress	wordpress	3.8
wordpress	wordpress	3.8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "255BADB6-6C7B-421E-9780-E657CF2BD6C9",
              "versionEndIncluding": "3.7.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C8B90E9-5DF5-45F5-9810-2973FDAA16A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D86BA1-3DC8-478C-B2FA-581F9AE1F93E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E7BEFBD-4326-44A5-A160-9406D94AB307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E85A88D7-07A1-4A8C-88B5-057AD9C675E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8B664FF-DF43-45C3-A42D-1FCD42A597B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF1FE320-DF71-42EC-A0F0-300F7D6D4AB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B64D4777-2ED6-4A47-A8F3-38A3A8EB1ACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "614956CB-0582-4EAD-86F4-5AB0BB781CE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "59F19F56-9338-4917-B782-AA70BF1511EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B83B70AE-3C27-4AD0-869C-E219728A8D92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "62C3BA98-8CF0-4440-BE46-27FC0E20BC38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.2.5:a:*:*:*:*:*:*",
              "matchCriteriaId": "0D437FE7-78EA-4264-BF16-1B5757AC6AE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A53347E6-D721-4E47-BE5B-FA927B9DB164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C97B7C-77F4-4020-8574-E853CE5CD885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B47496E3-BB07-45E6-ACCA-84D5EF499E21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "503E4894-3F39-471F-9A56-052718813BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "38085E5A-7B41-4E43-8A22-5FD44970F3EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF628FB8-1AC4-4F15-9967-E60785A32D1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F0BF1F6-A54A-48E8-A872-015FE10E5D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F0B6EAC-E43D-4D1B-856F-7C23250A2355",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "51FAD0FC-CE84-4332-B061-75C0C8A0B6AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA51B49-8E36-48BC-A660-F155D6A4E166",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDCFE9AA-39E9-4366-AAB7-F7A891BC797E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAF4671A-8449-438E-922B-94E5542137BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F05A1F-2227-4166-807B-1BDE2EA8F245",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EECE66B3-3696-4E98-AF63-DF2FB256A6FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E75BB382-6B47-4C6A-BF94-80443BEB1A23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFA75368-506F-4772-B0F2-8AAECDF288F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDDD9E5C-766F-4945-B87D-781E780AB03E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48C0BB5-2D87-49ED-A8EB-843E5F0EAE8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6AAA17D-FBB8-4F54-82E2-870D6FA5C299",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2A0CAEE-5C14-44C6-85FB-6AFDAAA1C3F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "66BE667A-A937-4C38-B4D5-29B33F23F7B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A3624D4-E666-4A1B-B465-714ACBA0034C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A7CBC45-320E-48CF-9A63-07DDE2FB61BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "266E32CD-66FB-4E19-8091-EC748B177D8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3DD9120-2224-4612-A6EE-539F47BD50E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A9FBA02-8A6A-471F-92CD-D8E77B5061C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B5BC7E8-4C8A-4183-AB8C-1DAE12935387",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0F9137B-D13F-488B-8196-85E06FAB682E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "82F257F4-CB62-4C6F-8866-AA253EC8C0C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "79AB6F6F-2FE3-4FC3-9009-D40EA852711F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82F4D88-779D-4D5D-96CD-2B31B61BA29E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0DABD9-DE15-4619-8668-0277A67F5205",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A80D1CBE-DA6D-4939-A4A4-8F237C97F76C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "40BEC573-A346-4F07-8053-A5F6E92A343C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A777651-D2B2-47E0-A13C-BD667635F3E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B017F95A-90F8-4DE4-B74F-ABB712F32987",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1503C4CB-5D58-4523-860C-4B637AD91CB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "55050BF2-A950-45FF-8CD7-7689431AD82A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1253161D-F1C8-46D6-B970-20335071500E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE401B3-6291-4EA8-8800-0350BAC0B22E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C0D45AE-F0FE-4005-80FB-FEFD2DCCE7D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5663CAA-0859-447E-8489-02CE4315DF91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "480AE325-6DE1-4769-A931-0C6F40D15267",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE23B6C2-354C-47BE-87B9-D4A0A3EE8ADC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC657077-8955-4CE6-93D8-F78B1BA3A949",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "43FADD00-822C-4BA2-A39F-1459AD786683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D863DE9E-FD9E-4EA1-9615-02D678813AB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.8.4:a:*:*:*:*:*:*",
              "matchCriteriaId": "3ABD501B-351E-4B4E-9B0B-CF8DCBC72E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA39559-D170-4644-B04D-D6D806B5F33C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54954434-86BC-403C-949D-E9DA8931FE6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.8.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9A88E6C-BE39-4668-BD0F-EBDBA41010F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA7BF77C-68A1-421B-A446-6206354CA7FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF45B5A6-0D49-494F-98A0-CCCBB0CBB882",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB874C78-3F05-4053-A685-40DE7055359C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.9.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BC0FFB2-58E1-47D2-ACB0-9102D4E09675",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:2.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "654F2F75-42D4-4D7A-A8B8-F1C580ABDCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A684588-4D37-4817-9A1A-BF2E70EC8F7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "05D3E145-ECF8-4BAD-9471-4E4605887B18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "525887EE-50DB-4739-8897-A0D19D486CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC19614-2A59-4A49-B824-35975502B38F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E2DDB9C-E1D7-4DBD-A27C-93C9A9C0B7E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "832F89CB-595B-407A-A27C-F655F7112830",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "89977E0E-694C-49FA-814D-D356EC9294C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D1E83C-39AC-4E3D-874A-AF0F16ADDE41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "65FD149E-8CF4-46FE-9F5E-9DEE61B4164C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23F1397-7262-4B61-8061-83C2ED731DB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C85D16FE-BB31-4866-8F85-22F1C0F1131D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3446B691-B59E-4FCC-9F88-385AED59CBA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "47275886-14AC-4BD2-BAE7-5203A9D6D6B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.2:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "D8169A02-1AB3-4104-BA42-A934CA94B343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "07D26683-3F22-4BAD-BD4F-CB712DB8F855",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "648439C2-2459-4AB3-9E9A-B63F5030A4AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13CF5422-62D0-4777-AA94-5C166AEA4AA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "19420CF9-1B33-422F-8D47-A8FE58F84944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6EA8986-0845-4F67-9429-C6DAA0006C85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7FE29FD-889A-449D-BD1F-648F06D81F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F6C04D0-05E9-41C8-B15B-A3A0DBFE0E9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3631CE91-D41D-4758-B3D2-3950BC0E2455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "27C92877-5046-4F04-A173-3A327ADACCE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AACC9C9-83F3-4430-89C8-63D8696D2143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E89BDE1-E39E-427D-9F4D-6D82B2A63579",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "85AF22E6-6C7E-4F91-835D-A28A38420C0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A3AEA5A-7557-4D45-87B3-4B7149EDE535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4D38621-9941-4D03-91D7-3902930546A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:wordpress:wordpress:3.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "934CC6A1-D5E4-468C-B31D-F5C7B02FCE6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The wp_validate_auth_cookie function in wp-includes/pluggable.php in WordPress before 3.7.2 and 3.8.x before 3.8.2 does not properly determine the validity of authentication cookies, which makes it easier for remote attackers to obtain access via a forged cookie."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n wp_validate_auth_cookie en wp-includes/pluggable.php en WordPress anterior a 3.7.2 y 3.8.x anterior a 3.8.2 no determina debidamente la validez de cookies de autenticaci\u00f3n, lo que facilita a atacantes remotos obtener acceso a trav\u00e9s de una cookie falsificada."
    }
  ],
  "id": "CVE-2014-0166",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-04-10T00:55:09.530",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://codex.wordpress.org/Version_3.7.2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://codex.wordpress.org/Version_3.8.2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://core.trac.wordpress.org/changeset/28054"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2014/dsa-2901"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1085858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://codex.wordpress.org/Version_3.7.2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://codex.wordpress.org/Version_3.8.2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://core.trac.wordpress.org/changeset/28054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2014/dsa-2901"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1085858"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2014-0166 (GCVE-0-2014-0166)

Vulnerability from cvelistv5 – Published: 2014-04-09 23:00 – Updated: 2024-08-06 09:05

Summary

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2014-0166

CVE-2014-0166 (GCVE-0-2014-0166)

Tags

Sightings

Nomenclature