CVE-2016-9129 - OpenCVE

Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is possible to check whether or not an email address was associated to one or more user accounts on a target Revive Adserver instance by examining the message printed by the password recovery system. Such information cannot however be used directly to log in to the system, which requires a username.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Revive-adserver	Revive Adserver

Configuration 1 [-]

cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/revive-adserver/revive-adserver/commit/38223a841190bebd7a137c7bed84fbbcb2b0c2a5	Issue Tracking Patch Third Party Advisory
https://hackerone.com/reports/98612	Permissions Required
https://www.revive-adserver.com/security/revive-sa-2016-001/	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: hackerone

Published: 2017-03-28T02:46:00

Updated: 2017-03-28T02:57:01

Reserved: 2016-10-31T00:00:00

Link: CVE-2016-9129

JSON object: View

NVD Information

Status : Modified

Published: 2017-03-28T02:59:00.527

Modified: 2019-10-09T23:20:19.367

Link: CVE-2016-9129

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Revive Adserver All versions before 3.2.3", "vendor": "n/a", "versions": [{"status": "affected", "version": "Revive Adserver All versions before 3.2.3"}]}], "datePublic": "2017-03-27T00:00:00", "descriptions": [{"lang": "en", "value": "Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is possible to check whether or not an email address was associated to one or more user accounts on a target Revive Adserver instance by examining the message printed by the password recovery system. Such information cannot however be used directly to log in to the system, which requires a username."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-203", "description": "Information Exposure Through Discrepancy (CWE-203)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2017-03-28T02:57:01", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/98612"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/revive-adserver/revive-adserver/commit/38223a841190bebd7a137c7bed84fbbcb2b0c2a5"}, {"tags": ["x_refsource_MISC"], "url": "https://www.revive-adserver.com/security/revive-sa-2016-001/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "support@hackerone.com", "ID": "CVE-2016-9129", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Revive Adserver All versions before 3.2.3", "version": {"version_data": [{"version_value": "Revive Adserver All versions before 3.2.3"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is possible to check whether or not an email address was associated to one or more user accounts on a target Revive Adserver instance by examining the message printed by the password recovery system. Such information cannot however be used directly to log in to the system, which requires a username."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information Exposure Through Discrepancy (CWE-203)"}]}]}, "references": {"reference_data": [{"name": "https://hackerone.com/reports/98612", "refsource": "MISC", "url": "https://hackerone.com/reports/98612"}, {"name": "https://github.com/revive-adserver/revive-adserver/commit/38223a841190bebd7a137c7bed84fbbcb2b0c2a5", "refsource": "MISC", "url": "https://github.com/revive-adserver/revive-adserver/commit/38223a841190bebd7a137c7bed84fbbcb2b0c2a5"}, {"name": "https://www.revive-adserver.com/security/revive-sa-2016-001/", "refsource": "MISC", "url": "https://www.revive-adserver.com/security/revive-sa-2016-001/"}]}}}}, "cveMetadata": {"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2016-9129", "datePublished": "2017-03-28T02:46:00", "dateReserved": "2016-10-31T00:00:00", "dateUpdated": "2017-03-28T02:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*", "matchCriteriaId": "94F64F5A-ACD3-4AED-82BE-832D7B4801DA", "versionEndIncluding": "3.2.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is possible to check whether or not an email address was associated to one or more user accounts on a target Revive Adserver instance by examining the message printed by the password recovery system. Such information cannot however be used directly to log in to the system, which requires a username."}, {"lang": "es", "value": "Revive Adserver en versiones anteriores a 3.2.3 sufre de exposici\u00f3n de informaci\u00f3n a trav\u00e9s de discrepancia. Es posible comprobar si una direcci\u00f3n de correo electr\u00f3nico est\u00e1 o no asociada a una o m\u00e1s cuentas de usuario en una instancia de tarjeta Revive Adserver examinando el mensaje impreso por el sistema de recuperaci\u00f3n de contrase\u00f1as. Sin embargo, dicha informaci\u00f3n no se puede utilizar directamente para iniciar sesi\u00f3n en el sistema, lo que requiere un nombre de usuario."}], "id": "CVE-2016-9129", "lastModified": "2019-10-09T23:20:19.367", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-03-28T02:59:00.527", "references": [{"source": "support@hackerone.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/revive-adserver/revive-adserver/commit/38223a841190bebd7a137c7bed84fbbcb2b0c2a5"}, {"source": "support@hackerone.com", "tags": ["Permissions Required"], "url": "https://hackerone.com/reports/98612"}, {"source": "support@hackerone.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.revive-adserver.com/security/revive-sa-2016-001/"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-203"}], "source": "support@hackerone.com", "type": "Secondary"}]}