Weak Password Recovery Mechanism for Forgotten Password

The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

CVEs (269)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-16529 1Forcepoint 1Email Security Nov 21, 2024 Mar 28, 2019 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the URL has already been used to reset a password.
CVE-2018-19488 1Wp Jobhunt Project 1Wp Jobhunt Nov 21, 2024 Mar 21, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_reset_pass() function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the passw...Show more The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_reset_pass() function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account.Show less
CVE-2018-0696 1Osstech 1Openam Nov 21, 2024 Feb 13, 2019 N/A· v4 7.5 HIGH· v3 3.5 LOW· v2 OpenAM (Open Source Edition) 13.0 and later does not properly manage sessions, which allows remote authenticated attackers to change the security questions and reset the login password via unspecified vectors.
CVE-2018-18871 1Gigasetpro 1Maxwell Basic Firmware Nov 21, 2024 Dec 20, 2018 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 Missing password verification in the web interface on Gigaset Maxwell Basic VoIP phones with firmware 2.22.7 would allow a remote attacker (in the same network as the device) to change the admin password without authenti...Show more Missing password verification in the web interface on Gigaset Maxwell Basic VoIP phones with firmware 2.22.7 would allow a remote attacker (in the same network as the device) to change the admin password without authentication (and without knowing the original password).Show less
CVE-2018-1000812 1Artica 1Integria Ims Nov 21, 2024 Dec 20, 2018 N/A· v4 8.1 HIGH· v3 4.3 MEDIUM· v2 Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 45 of general/password...Show more Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 45 of general/password_recovery.php that can result in IntegriaIMS web app user accounts can be taken over. This attack appear to be exploitable via Network access to IntegriaIMS web interface . This vulnerability appears to have been fixed in fixed in versions released after commit f2ff0ba821644acecb893483c86a9c4d3bb75047.Show less
CVE-2018-12315 1Asustor 1Data Master Nov 21, 2024 Dec 4, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Missing verification of a password in ASUSTOR ADM version 3.1.1 allows attackers to change account passwords without entering the current password.
CVE-2018-7811 1Schneider Electric 4Modicom Bmxnor0200h Firmware Modicom M340 FirmwareModicom Premium Firmware+1 more Nov 21, 2024 Nov 30, 2018 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the change password func...Show more An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the change password function of the web serverShow less
CVE-2018-7809 1Schneider Electric 4Modicom Bmxnor0200h Firmware Modicom M340 FirmwareModicom Premium Firmware+1 more Nov 21, 2024 Nov 30, 2018 N/A· v4 9.8 CRITICAL· v3 6.4 MEDIUM· v2 An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the password delete func...Show more An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the password delete function of the web server.Show less
CVE-2018-17881 1D Link 1Dir 823g Firmware Nov 21, 2024 Oct 3, 2018 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 SetPasswdSettings commands without authentication to trigger an admin password change.
CVE-2018-17401 1Phonepe 1Phonepe Nov 21, 2024 Sep 23, 2018 N/A· v4 8.8 HIGH· v3 4.3 MEDIUM· v2 The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by exploiting its Forgot Password feature. NOTE: the vendor says that, to e...Show more The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by exploiting its Forgot Password feature. NOTE: the vendor says that, to exploit this, the user has to explicitly install a malicious app and provide accessibility permission to the malicious app, that the Android platform provides fair warnings to the users before turning on accessibility for any application, and that it believes it is similar to installing malicious keyboards, or malicious apps taking screenshotsShow less
CVE-2018-17298 1Enalean 1Tuleap Nov 21, 2024 Sep 21, 2018 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password.
CVE-2018-12579 1Oxid Esales 1Eshop Nov 21, 2024 Aug 20, 2018 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 An issue was discovered in OXID eShop Enterprise Edition before 5.3.8, 6.0.x before 6.0.3, and 6.1.x before 6.1.0; Professional Edition before 4.10.8, 5.x and 6.0.x before 6.0.3, and 6.1.x before 6.1.0; and Community Edi...Show more An issue was discovered in OXID eShop Enterprise Edition before 5.3.8, 6.0.x before 6.0.3, and 6.1.x before 6.1.0; Professional Edition before 4.10.8, 5.x and 6.0.x before 6.0.3, and 6.1.x before 6.1.0; and Community Edition before 4.10.8, 5.x and 6.0.x before 6.0.3, and 6.1.x before 6.1.0. An attacker could gain access to the admin panel or a customer account when using the password reset function. To do so, it is required to own a domain name similar to the one the victim uses for their e-mail accounts.Show less
CVE-2017-2614 1Redhat 1Enterprise Virtualization Nov 21, 2024 Jul 27, 2018 N/A· v4 6.3 MEDIUM· v3 2.1 LOW· v2 When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the...Show more When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts.Show less
CVE-2017-0921 1Gitlab 1Gitlab Nov 21, 2024 Jul 3, 2018 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an unverified password change issue in the PasswordsController component resulting in potential account takeover if a victim's...Show more GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an unverified password change issue in the PasswordsController component resulting in potential account takeover if a victim's session is compromised.Show less
CVE-2018-1000554 1Trovebox 1Trovebox Nov 21, 2024 Jun 26, 2018 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 Trovebox version <= 4.0.0-rc6 contains a Unsafe password reset token generation vulnerability in user component that can result in Password reset. This attack appear to be exploitable via HTTP request. This vulnerability...Show more Trovebox version <= 4.0.0-rc6 contains a Unsafe password reset token generation vulnerability in user component that can result in Password reset. This attack appear to be exploitable via HTTP request. This vulnerability appears to have been fixed in after commit 742b8ed.Show less
CVE-2018-1000501 1Instant Update 1Instant Update Cms Nov 21, 2024 Jun 26, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Instant Update CMS contains a Password Reset Vulnerability vulnerability in /iu-application/controllers/administration/auth.php that can result in Account Tackover. This attack appear to be exploitable via network connec...Show more Instant Update CMS contains a Password Reset Vulnerability vulnerability in /iu-application/controllers/administration/auth.php that can result in Account Tackover. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in v0.3.3.Show less
CVE-2018-12421 1Ltb Project 1Ldap Tool Box Self Service Password Nov 21, 2024 Jun 14, 2018 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishandled and the PHP data...Show more LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishandled and the PHP data type is not constrained to be a string.Show less
CVE-2018-8916 1Synology 1Diskstation Manager Jan 14, 2025 Jun 8, 2018 N/A· v4 8.8 HIGH· v3 4.0 MEDIUM· v2 Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to reset password without verification.
CVE-2018-11134 1Quest 1Kace System Management Appliance Nov 21, 2024 May 31, 2018 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 In order to perform actions that requires higher privileges, the Quest KACE System Management Appliance 8.0.318 relies on a message queue managed that runs with root privileges and only allows a set of commands. One of t...Show more In order to perform actions that requires higher privileges, the Quest KACE System Management Appliance 8.0.318 relies on a message queue managed that runs with root privileges and only allows a set of commands. One of the available commands allows changing any user's password (including root). A low-privilege user could abuse this feature by changing the password of the 'kace_support' account, which comes disabled by default but has full sudo privileges.Show less
CVE-2018-10210 1Vaultize 1Enterprise File Sharing May 30, 2025 Apr 25, 2018 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. Enumeration of users is possible through the password-reset feature.

Previous 1...10 111213 14 Next