CVE-2023-3221 - OpenCVE

User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Password Recovery Project	Password Recovery

Configuration 1 [-]

cpe:2.3:a:password_recovery_project:password_recovery:1.2:*:*:*:*:roundcube:*:*

References

Link	Resource
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: INCIBE

Published: 2023-09-04T12:31:30.699Z

Updated: 2023-09-04T12:31:30.699Z

Reserved: 2023-06-13T15:40:01.925Z

Link: CVE-2023-3221

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-09-04T13:15:32.853

Modified: 2023-09-08T14:12:14.190

Link: CVE-2023-3221

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-3221", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "state": "PUBLISHED", "assignerShortName": "INCIBE", "dateReserved": "2023-06-13T15:40:01.925Z", "datePublished": "2023-09-04T12:31:30.699Z", "dateUpdated": "2023-09-04T12:31:30.699Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Password Recovery Plugin", "vendor": "AlfnRU", "versions": [{"status": "affected", "version": "1.2"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Pedro Jos\u00e9 Navas P\u00e9rez"}], "datePublic": "2023-08-31T12:08:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database."}], "value": "User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database."}], "impacts": [{"capecId": "CAPEC-541", "descriptions": [{"lang": "en", "value": "CAPEC-541 Application Fingerprinting"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-204", "description": "CWE-204: Observable Response Discrepancy", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2023-09-04T12:31:30.699Z"}, "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin"}], "source": {"discovery": "EXTERNAL"}, "title": "User enumeration vulnerability in Roundcube Password Recovery Plugin", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:password_recovery_project:password_recovery:1.2:*:*:*:*:roundcube:*:*", "matchCriteriaId": "5AC9878D-1A6B-46C0-843F-69EF179F85D6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database."}, {"lang": "es", "value": "Se ha descubierto una vulnerabilidad de enumeraci\u00f3n de usuarios en el plugin Password Recovery versi\u00f3n 1.2 para Roundcube, que podr\u00eda permitir a un atacante remoto crear un script de prueba contra la funci\u00f3n de recuperaci\u00f3n de contrase\u00f1as para enumerar todos los usuarios de la base de datos. "}], "id": "CVE-2023-3221", "lastModified": "2023-09-08T14:12:14.190", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "cve-coordination@incibe.es", "type": "Secondary"}]}, "published": "2023-09-04T13:15:32.853", "references": [{"source": "cve-coordination@incibe.es", "tags": ["Third Party Advisory"], "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin"}], "sourceIdentifier": "cve-coordination@incibe.es", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-203"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-204"}], "source": "cve-coordination@incibe.es", "type": "Secondary"}]}