GitHub Advisory Database: GHSA-VFQ6-HQ5R-27R6
History: Jan 16, 2020 - 10:35 p.m.

Django Potential account hijack via password reset form

Published: 2020-01-16 22:35:12
CWE-640
Source: GitHub Advisory Database (github.com)

CVSS2: 5 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3: 9.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.198 Low (Percentile: 96.4%)

Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user’s email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)
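The collision the advisory describes and the mitigation it names, as an added Python illustration that is not Django's own code: the user table and the case-insensitive database comparison are constructed stand-ins, and the strict_match re-check is an extra layer assumed here, not something the advisory states.

```python
import unicodedata

# Constructed stand-in for the user table (example data only).
USERS = [{"username": "mike", "email": "mike@example.org"}]


def db_case_insensitive_equal(a: str, b: str) -> bool:
    # Assumption: the database behind a case-insensitive lookup (Django's
    # email__iexact) compares UPPER(a) = UPPER(b) using full Unicode case
    # mapping, so U+0131 (dotless i) upper-cases to the ASCII letter "I".
    return a.upper() == b.upper()


def get_users(submitted_email: str) -> list:
    """Accounts whose stored address matches the submitted one case-insensitively."""
    return [u for u in USERS if db_case_insensitive_equal(u["email"], submitted_email)]


def reset_recipients_before_fix(submitted_email: str) -> list:
    """Failure mode from the advisory: the token is mailed to the submitted address."""
    return [submitted_email for _ in get_users(submitted_email)]


def reset_recipients_mitigated(submitted_email: str) -> list:
    """Mitigation named in the advisory: the token goes only to the registered address."""
    return [u["email"] for u in get_users(submitted_email)]


def strict_match(a: str, b: str) -> bool:
    """Assumed second layer: re-check the loose database match in Python with
    NFKC normalisation plus casefold, which keeps dotless i distinct from i."""
    def fold(s: str) -> str:
        return unicodedata.normalize("NFKC", s).casefold()
    return fold(a) == fold(b)


if __name__ == "__main__":
    # Constructed colliding address: "m\u0131ke" upper-cases to "MIKE".
    lookalike = "m\u0131ke@example.org"
    print(reset_recipients_before_fix(lookalike))       # ['mıke@example.org']
    print(reset_recipients_mitigated(lookalike))        # ['mike@example.org']
    print(strict_match("mike@example.org", lookalike))  # False
```

Whether the database actually applies full Unicode case mapping depends on the backend and collation, so the mitigated recipient selection is the check to rely on, with strict_match as defence in depth.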

Affected configurations

Vulners node:
django-registration_project / django-registration / Range < 3.0.1 / django
OR
django-registration_project / django-registration / Range < 2.2.9 / django
OR
django-registration_project / django-registration / Range < 1.11.27 / django

CPE Name / Operator / Version:
django / lt / 3.0.1
django / lt / 2.2.9
django / lt / 1.11.27
