Total: 156 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 | Description
---|---|---|---|---|---
CVE-2023-49589 | 1 Wwbn | 1 Avideo | 2024-01-17 | 8.8 High | An insufficient entropy vulnerability exists in the userRecoverPass.php recoverPass generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to an arbitrary user password recovery. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2023-49097 | 1 Zitadel | 1 Zitadel | 2023-12-08 | 8.8 High | ZITADEL is an identity infrastructure system. ZITADEL uses the Forwarded or X-Forwarded-Host header of the notification-triggering request to build the button link sent in emails for confirming a password reset with the emailed code. If this header is overwritten and a user clicks the link to a malicious site in the email, the secret code can be retrieved and used to reset the user's password and take over the account. Accounts with MFA or Passwordless enabled cannot be taken over by this attack. This issue has been patched in versions 2.41.6, 2.40.10 and 2.39.9.
CVE-2023-4214 | 1 Apppresser | 1 Apppresser | 2023-11-25 | 9.8 Critical | The AppPresser plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including, 4.2.5. This is due to the plugin generating too weak a reset code, and the code used to reset the password has no attempt or time limit.
CVE-2023-47107 | 1 Thm | 1 Pilos | 2023-11-16 | 8.8 High | PILOS is an open source front-end for BigBlueButton servers with a built-in load balancer. The password reset component deployed within PILOS uses the hostname supplied in the request Host header when building a password reset URL. It may be possible to manipulate the URL sent to PILOS users so that it points to the attacker's server, thereby disclosing the password reset token if/when the link is followed. This only affects local user accounts and requires the password reset option to be enabled. This issue has been patched in version 2.3.0.
CVE-2023-46138 | 1 Fit2cloud | 1 Jumpserver | 2023-11-08 | 5.3 Medium | JumpServer is an open source bastion host and maintenance security audit system that complies with 4A specifications. Prior to version 3.8.0, the default email for the initial user admin is `admin[@]mycompany[.]com`, and users reset their passwords by sending an email. Currently, the domain `mycompany.com` has not been registered. However, if it is registered in the future, it may affect the password reset functionality. This issue has been patched in version 3.8.0 by changing the default email domain to `example.com`. Those who cannot upgrade may change the default email domain to `example.com` manually.
CVE-2023-5840 | 1 Linkstack | 1 Linkstack | 2023-11-08 | 8.8 High | Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9.
CVE-2022-3485 | 1 Ifm | 4 Moneo Qha200, Moneo Qha200 Firmware, Moneo Qha210 and 1 more | 2023-11-07 | 9.8 Critical | In IFM Moneo Appliance with version up to 1.9.3, an unauthenticated remote attacker can reset the administrator password by supplying only the serial number and thus gain full control of the device.
CVE-2021-22763 | 1 Schneider-electric | 10 Powerlogic Pm5560, Powerlogic Pm5560 Firmware, Powerlogic Pm5561 and 7 more | 2023-11-07 | 9.8 Critical | A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for version information) that could allow an attacker administrator-level access to a device.
CVE-2019-20004 | 1 Intelbras | 2 Iwr 3000n, Iwr 3000n Firmware | 2023-11-07 | 8.8 High | An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router.
CVE-2019-19844 | 2 Canonical, Djangoproject | 2 Ubuntu Linux, Django | 2023-11-07 | 9.8 Critical | Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (one that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)
CVE-2019-12943 | 1 Ttlock | 1 Ttlock | 2023-11-07 | 8.1 High | TTLock devices do not properly restrict password-reset attempts, leading to incorrect access control and disclosure of sensitive information about valid account names.
CVE-2023-44399 | 1 Zitadel | 1 Zitadel | 2023-10-23 | 5.3 Medium | ZITADEL provides identity infrastructure. In versions 2.37.2 and prior, ZITADEL administrators can enable a setting called "Ignoring unknown usernames" which helps mitigate attacks that try to guess/enumerate usernames. While this setting was working properly during the authentication process, it did not work correctly in the password reset flow. This meant that even if this feature was active, an attacker could use the password reset function to verify whether an account exists within ZITADEL. This bug has been patched in versions 2.37.3 and 2.38.0. No known workarounds are available.
CVE-2023-43650 | 1 Fit2cloud | 1 Jumpserver | 2023-10-02 | 7.4 High | JumpServer is an open source bastion host. The verification code for resetting a user's password is vulnerable to brute-force attacks due to the absence of rate limiting. JumpServer provides a feature allowing users to reset forgotten passwords. Affected users are sent a 6-digit verification code, ranging from 000000 to 999999, to facilitate the password reset. Although the code is only valid for 1 minute, this window potentially allows for up to 1,000,000 validation attempts. This issue has been addressed in versions 2.28.20 and 3.7.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-4096 | 1 Fujitsu | 1 Arconte Aurea | 2023-09-21 | 8.2 High | Weak password recovery mechanism vulnerability in Fujitsu Arconte Áurea version 1.5.0.0, exploitation of which could allow an attacker to perform a brute force attack on the emailed PIN number in order to change the password of a legitimate user.
CVE-2023-34357 | 1 Scshr | 1 Hr Portal | 2023-09-12 | 7.8 High | Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link is sent out through e-mail, and the link remains valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history, or who has the link, can thus use the URL again to change the password in order to take over the account.
CVE-2023-3222 | 1 Password Recovery Project | 1 Password Recovery | 2023-09-08 | 7.5 High | Vulnerability in the password recovery mechanism of the Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user's password by adding a 6-digit numeric token. An attacker could create an automatic script to test all possible values because the platform has no limit on the number of requests.
CVE-2022-23855 | 1 Saviynt | 1 Enterprise Identity Cloud | 2023-08-08 | 9.8 Critical | An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and log in as any local account.
CVE-2022-26872 | 1 Ami | 1 Megarac Sp-x | 2023-07-31 | 8.8 High | AMI MegaRAC password reset interception via API.
CVE-2023-35134 | 1 Weintek | 1 Weincloud | 2023-07-26 | 5.9 Medium | Weintek Weincloud v0.13.6 could allow an attacker to reset a password with only the corresponding account's JWT token.
CVE-2023-26615 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2023-07-05 | 7.5 High | D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the web management page password.