Vulnerabilities (CVE)

Filtered by CWE-640
Total 165 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10641 1 Contao 1 Contao Cms 2024-02-28 5.0 MEDIUM 9.8 CRITICAL
Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery Mechanism for a Forgotten Password.
CVE-2019-12943 1 Ttlock 1 Ttlock 2024-02-28 2.6 LOW 8.1 HIGH
TTLock devices do not properly restrict password-reset attempts, leading to incorrect access control and disclosure of sensitive information about valid account names.
CVE-2019-3787 1 Pivotal Software 1 Cloud Foundry Uaa-release 2024-02-28 4.3 MEDIUM 8.8 HIGH
Cloud Foundry UAA, versions prior to 73.0.0, falls back to appending “unknown.org” to a user's email address when one is not provided and the user name does not contain an @ character. This domain is held by a private company, which leads to attack vectors including password recovery emails sent to a potentially fraudulent address. This would allow the attacker to gain complete control of the user's account.
CVE-2019-12476 2 Microsoft, Zohocorp 2 Windows, Manageengine Adselfservice Plus 2024-02-28 7.2 HIGH 6.8 MEDIUM
An authentication bypass vulnerability in the password reset functionality in Zoho ManageEngine ADSelfService Plus before 5.0.6 allows an attacker with physical access to gain a shell with SYSTEM privileges via the restricted thick client browser. The attack uses a long sequence of crafted keyboard input.
CVE-2018-19488 1 Wp-jobhunt Project 1 Wp-jobhunt 2024-02-28 7.5 HIGH 9.8 CRITICAL
The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_reset_pass() function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account.
CVE-2019-13240 1 Glpi-project 1 Glpi 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
An issue was discovered in GLPI before 9.4.1. After a successful password reset by a user, it is possible to change that user's password again during the next 24 hours without any information except the associated email address.
CVE-2019-11393 1 Tildeslash 1 Monit 2024-02-28 5.0 MEDIUM 9.8 CRITICAL
An issue was discovered in /admin/users/update in M/Monit before 3.7.3. It allows unprivileged users to escalate their privileges to an administrator by requesting a password change and specifying the admin parameter.
CVE-2019-10270 1 Ultimatemember 1 Ultimate Member 2024-02-28 4.0 MEDIUM 8.8 HIGH
An arbitrary password reset issue was discovered in the Ultimate Member plugin 2.39 for WordPress. It is possible (due to lack of verification and correlation between the reset password key sent by mail and the user_id parameter) to reset the password of another user. One only needs to know the user_id, which is publicly available. One just has to intercept the password modification request and modify user_id. It is possible to modify the passwords for any users or admin WordPress Ultimate Members. This could lead to account compromise and privilege escalation.
CVE-2018-16988 1 Xdmod 1 Open Xdmod 2024-02-28 5.0 MEDIUM 9.8 CRITICAL
An issue was discovered in Open XDMoD through 7.5.0. An authentication bypass (account takeover) exists due to a weak password reset mechanism. A brute-force attack against an MD5 rid value requires only 600 guesses in the plausible situation where the attacker knows that the victim has started a password-reset process (pass_reset.php, password_reset.php, XDUser.php) in the past few minutes.
CVE-2018-16529 1 Forcepoint 1 Email Security 2024-02-28 5.0 MEDIUM 9.8 CRITICAL
A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the URL has already been used to reset a password.
CVE-2018-7811 1 Schneider-electric 8 Modicom Bmxnor0200h, Modicom Bmxnor0200h Firmware, Modicom M340 and 5 more 2024-02-28 5.0 MEDIUM 9.8 CRITICAL
An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the change password function of the web server
CVE-2018-12315 1 Asustor 2 As602t, Data Master 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
Missing verification of a password in ASUSTOR ADM version 3.1.1 allows attackers to change account passwords without entering the current password.
CVE-2018-0696 1 Osstech 1 Openam 2024-02-28 3.5 LOW 7.5 HIGH
OpenAM (Open Source Edition) 13.0 and later does not properly manage sessions, which allows remote authenticated attackers to change the security questions and reset the login password via unspecified vectors.
CVE-2018-17881 2 D-link, Dlink 2 Dir-823g Firmware, Dir-823g 2024-02-28 5.0 MEDIUM 9.8 CRITICAL
On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 SetPasswdSettings commands without authentication to trigger an admin password change.
CVE-2018-12579 1 Oxid-esales 1 Eshop 2024-02-28 6.8 MEDIUM 8.1 HIGH
An issue was discovered in OXID eShop Enterprise Edition before 5.3.8, 6.0.x before 6.0.3, and 6.1.x before 6.1.0; Professional Edition before 4.10.8, 5.x and 6.0.x before 6.0.3, and 6.1.x before 6.1.0; and Community Edition before 4.10.8, 5.x and 6.0.x before 6.0.3, and 6.1.x before 6.1.0. An attacker could gain access to the admin panel or a customer account when using the password reset function. To do so, it is required to own a domain name similar to the one the victim uses for their e-mail accounts.
CVE-2018-18871 1 Gigasetpro 2 Maxwell Basic, Maxwell Basic Firmware 2024-02-28 5.0 MEDIUM 9.8 CRITICAL
Missing password verification in the web interface on Gigaset Maxwell Basic VoIP phones with firmware 2.22.7 would allow a remote attacker (in the same network as the device) to change the admin password without authentication (and without knowing the original password).
CVE-2018-17298 1 Enalean 1 Tuleap 2024-02-28 5.0 MEDIUM 9.8 CRITICAL
An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password.
CVE-2018-1000812 1 Artica 1 Integria Ims 2024-02-28 4.3 MEDIUM 8.1 HIGH
Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 45 of general/password_recovery.php that can result in IntegriaIMS web app user accounts can be taken over. This attack appear to be exploitable via Network access to IntegriaIMS web interface . This vulnerability appears to have been fixed in fixed in versions released after commit f2ff0ba821644acecb893483c86a9c4d3bb75047.
CVE-2018-7809 1 Schneider-electric 8 Modicom Bmxnor0200h, Modicom Bmxnor0200h Firmware, Modicom M340 and 5 more 2024-02-28 6.4 MEDIUM 9.8 CRITICAL
An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the password delete function of the web server.
CVE-2017-2614 1 Redhat 1 Enterprise Virtualization 2024-02-28 2.1 LOW 6.3 MEDIUM
When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts.