CVE-2018-16988

Published: May 2, 2019Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An issue was discovered in Open XDMoD through 7.5.0. An authentication bypass (account takeover) exists due to a weak password reset mechanism. A brute-force attack against an MD5 rid value requires only 600 guesses in the plausible situation where the attacker knows that the victim has started a password-reset process (pass_reset.php, password_reset.php, XDUser.php) in the past few minutes.

Affected (4)

Products: Xdmod: Open Xdmod

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Xdmod Open Xdmod	Up to 7.0.1
Xdmod Open Xdmod	Version 7.5.0
Xdmod Open Xdmod	Version 7.5.0 rc1
Xdmod Open Xdmod	Version 7.5.0 rc2

Related CWEs

Weak Password Recovery Mechanism for Forgotten Password

The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

References (2)

https://github.com/grymer/CVE/blob/master/CVE-2018-16988.md

Source: cve@mitre.org

Third Party Advisory

https://github.com/grymer/CVE/blob/master/CVE-2018-16988.md

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.