VYPR

CWE-640

Weak Password Recovery Mechanism for Forgotten Password

Abstraction: Base; Status: Incomplete; Likelihood of exploit: High

Description

The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-50

CVEs mapped to this weakness (136)

page 7 of 7
  • CVE-2022-29933, May 9, 2022
    risk 0.00, epss 0.04

    Craft CMS through 3.7.36 allows a remote unauthenticated attacker, who knows at least one valid username, to reset the account's password and take over the account by providing a crafted HTTP header to the application while using the password reset functionality. Specifically,…

  • CVE-2022-24892, Apr 28, 2022
    risk 0.00, epss 0.01

    Shopware is an open source e-commerce software platform. Starting with version 5.0.4 and before version 5.7.9, multiple tokens for password reset can be requested. All tokens can be used to change the password. This makes it possible for an attacker to take over the victim's…

  • CVE-2022-0777, Mar 1, 2022
    risk 0.00, epss 0.01

    Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3.

  • CVE-2022-23619, Feb 9, 2022
    risk 0.00, epss 0.01

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to guess if a user has an account on the wiki by using the "Forgot your password" form, even if the wiki is closed to guest users. This…

  • CVE-2022-22691, Jan 18, 2022
    risk 0.00, epss 0.01

    The password reset component deployed within Umbraco uses the hostname supplied within the request Host header when building a password reset URL. It may be possible to manipulate the URL sent to Umbraco users so that it points to the attacker's server, thereby disclosing the…

  • CVE-2021-25957, Aug 17, 2021
    risk 0.00, epss 0.01

    The “Dolibarr” application, v2.8.1 to v13.0.2, is vulnerable to account takeover via the password reset functionality. A low-privileged attacker can reset the password of any user in the application using the password reset link the user received through email when requested for…

  • CVE-2021-36804, Aug 4, 2021
    risk 0.00, epss 0.01

    Akaunting version 2.1.12 and earlier suffers from a password reset spoofing vulnerability, wherein an attacker can proxy password reset requests through a running Akaunting instance, if that attacker knows the target's e-mail address. This issue was fixed in version 2.1.13 of…

  • CVE-2021-33321, Aug 3, 2021
    risk 0.00, epss 0.01

    Insecure default configuration in Liferay Portal 6.2.3 through 7.3.2, and Liferay DXP before 7.3, allows remote attackers to enumerate user email addresses via the forgot password functionality. The portal property login.secure.forgot.password should default to true.

  • CVE-2021-28128, May 6, 2021
    risk 0.00, epss 0.01

    In Strapi through 3.6.0, the admin panel allows the changing of one's own password without entering the current password. An attacker who gains access to a valid session can use this to take over an account by changing the password.

  • CVE-2021-30185, Apr 7, 2021
    risk 0.00, epss 0.01

    CERN Indico before 2.3.4 can use an attacker-supplied Host header in a password reset link.

  • CVE-2017-18908, Jun 19, 2020
    risk 0.00, epss 0.01

    An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2. A password-reset request was sometimes sent to an attacker-provided e-mail address.

  • CVE-2019-19844, Dec 18, 2019
    risk 0.00, epss 0.35

    Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token…

  • CVE-2019-15929, Oct 24, 2019
    risk 0.00, epss 0.02

    In Craft CMS through 3.1.7, the elevated session password prompt was not being rate limited like normal login forms, leading to the possibility of a brute force attempt on them.

  • CVE-2019-10641, Apr 17, 2019
    risk 0.00, epss 0.01

    Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery Mechanism for a Forgotten Password.

  • CVE-2018-1000501 (Critical), Jun 26, 2018
    risk 0.00, cvss 9.8, epss 0.02

    Instant Update CMS contains a password reset vulnerability in /iu-application/controllers/administration/auth.php that can result in account takeover. This attack appears to be exploitable via network connectivity. This vulnerability appears to have been fixed in…

  • CVE-2017-12161 (High), Feb 21, 2018
    risk 0.00, cvss 8.8, epss 0.01

    It was found that keycloak before 3.4.2 final would permit misuse of a client-side /etc/hosts entry to spoof a URL in a password reset request. An attacker could use this flaw to craft a malicious password reset request and gain a valid reset token, leading to information…