Total
191 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-47107 | 1 Thm | 1 Pilos | 2024-11-21 | 8.8 High |
| PILOS is an open source front-end for BigBlueButton servers with a built-in load balancer. The password reset component deployed within PILOS uses the hostname supplied within the request host header when building a password reset URL. It may be possible to manipulate the URL sent to PILOS users when so that it points to the attackers server thereby disclosing the password reset token if/when the link is followed. This only affects local user accounts and requires the password reset option to be enabled. This issue has been patched in version 2.3.0. | ||||
| CVE-2023-46138 | 1 Fit2cloud | 1 Jumpserver | 2024-11-21 | 3.7 Low |
| JumpServer is an open source bastion host and maintenance security audit system that complies with 4A specifications. Prior to version 3.8.0, the default email for initial user admin is `admin[@]mycompany[.]com`, and users reset their passwords by sending an email. Currently, the domain `mycompany.com` has not been registered. However, if it is registered in the future, it may affect the password reset functionality. This issue has been patched in version 3.8.0 by changing the default email domain to `example.com`. Those who cannot upgrade may change the default email domain to `example.com` manually. | ||||
| CVE-2023-44399 | 1 Zitadel | 1 Zitadel | 2024-11-21 | 5.3 Medium |
| ZITADEL provides identity infrastructure. In versions 2.37.2 and prior, ZITADEL administrators can enable a setting called "Ignoring unknown usernames" which helps mitigate attacks that try to guess/enumerate usernames. While this settings was properly working during the authentication process it did not work correctly on the password reset flow. This meant that even if this feature was active that an attacker could use the password reset function to verify if an account exist within ZITADEL. This bug has been patched in versions 2.37.3 and 2.38.0. No known workarounds are available. | ||||
| CVE-2023-42481 | 1 Sap | 1 Commerce Cloud | 2024-11-21 | 8.1 High |
| In SAP Commerce Cloud - versions HY_COM 1905, HY_COM 2005, HY_COM2105, HY_COM 2011, HY_COM 2205, COM_CLOUD 2211, a locked B2B user can misuse the forgotten password functionality to un-block his user account again and re-gain access if SAP Commerce Cloud - Composable Storefront is used as storefront, due to weak access controls in place. This leads to a considerable impact on confidentiality and integrity. | ||||
| CVE-2023-3222 | 1 Password Recovery Project | 1 Password Recovery | 2024-11-21 | 7.5 High |
| Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user´s password by adding a 6-digit numeric token. An attacker could create an automatic script to test all possible values because the platform has no limit on the number of requests. | ||||
| CVE-2023-3007 | 1 Student Management System Project | 1 Student Management System | 2024-11-21 | 6.5 Medium |
| A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file resetPassword.php of the component Password Reset Handler. The manipulation of the argument sid leads to weak password recovery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-230354 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-35717 | 2024-11-21 | N/A | ||
| TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link Tapo C210 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the password recovery mechanism. The issue results from reliance upon the secrecy of the password derivation algorithm when generating a recovery password. An attacker can leverage this vulnerability to bypass authentication on the system. . Was ZDI-CAN-20484. | ||||
| CVE-2023-35134 | 1 Weintek | 1 Weincloud | 2024-11-21 | 7.4 High |
| Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only. | ||||
| CVE-2023-34357 | 1 Scshr | 1 Hr Portal | 2024-11-21 | 7.8 High |
| Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history or has the line can thus use the URL again to change the password in order to take over the account. | ||||
| CVE-2022-44004 | 1 Backclick | 1 Backclick | 2024-11-21 | 9.8 Critical |
| An issue was discovered in BACKCLICK Professional 5.9.63. Due to insecure design or lack of authentication, unauthenticated attackers can complete the password-reset process for any account and set a new password. | ||||
| CVE-2022-3485 | 1 Ifm | 4 Moneo Qha200, Moneo Qha200 Firmware, Moneo Qha210 and 1 more | 2024-11-21 | 9.8 Critical |
| In IFM Moneo Appliance with version up to 1.9.3 an unauthenticated remote attacker can reset the administrator password by only supplying the serial number and thus gain full control of the device. | ||||
| CVE-2022-37300 | 1 Schneider-electric | 70 Ecostruxure Control Expert, Ecostruxure Process Expert, Modicon M340 Bmxp341000 and 67 more | 2024-11-21 | 9.8 Critical |
| A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. Affected Products: EcoStruxure Control Expert Including all Unity Pro versions (former name of EcoStruxure Control Expert) (V15.0 SP1 and prior), EcoStruxure Process Expert, Including all versions of EcoStruxure Hybrid DCS (former name of EcoStruxure Process Expert) (V2021 and prior), Modicon M340 CPU (part numbers BMXP34*) (V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*) (V3.20 and prior). | ||||
| CVE-2022-34530 | 1 Backdropcms | 1 Backdrop Cms | 2024-11-21 | 5.3 Medium |
| An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and distinct responses returned based on usernames. | ||||
| CVE-2022-29933 | 1 Craftcms | 1 Craft Cms | 2024-11-21 | 8.8 High |
| Craft CMS through 3.7.36 allows a remote unauthenticated attacker, who knows at least one valid username, to reset the account's password and take over the account by providing a crafted HTTP header to the application while using the password reset functionality. Specifically, the attacker must send X-Forwarded-Host to the /index.php?p=admin/actions/users/send-password-reset-email URI. NOTE: the vendor's position is that a customer can already work around this by adjusting the configuration (i.e., by not using the default configuration). | ||||
| CVE-2022-29174 | 1 Count | 1 Countly Server | 2024-11-21 | 8.1 High |
| countly-server is the server-side part of Countly, a product analytics solution. Prior to versions 22.03.7 and 21.11.4, a malicious actor who knows an account email address/username and full name specified in the database is capable of guessing the password reset token. The actor may use this information to reset the password and take over the account. The problem has been patched in Countly Server version 22.03.7 for servers using the new user interface and in 21.11.4 for servers using the old user interface. | ||||
| CVE-2022-27157 | 1 Php | 1 Pearweb | 2024-11-21 | 9.8 Critical |
| pearweb < 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php. | ||||
| CVE-2022-24892 | 1 Shopware | 1 Shopware | 2024-11-21 | 6.4 Medium |
| Shopware is an open source e-commerce software platform. Starting with version 5.0.4 and before version 5.7.9, multiple tokens for password reset can be requested. All tokens can be used to change the password. This makes it possible for an attacker to take over the victim's account if they somehow gain access to the victims email account and find an unused password reset token in the emails. This issue is fixed in version 5.7.9. | ||||
| CVE-2022-23855 | 1 Saviynt | 1 Enterprise Identity Cloud | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local account. | ||||
| CVE-2022-23619 | 1 Xwiki | 1 Xwiki | 2024-11-21 | 5.3 Medium |
| XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to guess if a user has an account on the wiki by using the "Forgot your password" form, even if the wiki is closed to guest users. This problem has been patched on XWiki 12.10.9, 13.4.1 and 13.6RC1. Users are advised yo update. There are no known workarounds for this issue. | ||||
| CVE-2022-23172 | 1 Priority-software | 1 Priority | 2024-11-21 | 5.5 Medium |
| An attacker can access to "Forgot my password" button, as soon as he puts users is valid in the system, the system would issue a message that a password reset email had been sent to user. This way you can verify which users are in the system and which are not. | ||||