Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-640
Total 121 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-0352 1 Akuvox 2 E11, E11 Firmware 2023-03-16 N/A 9.1 CRITICAL
The Akuvox E11 password recovery webpage can be accessed without authentication, and an attacker could download the device key file. An attacker could then use this page to reset the password back to the default.
CVE-2020-11027 2 Debian, Wordpress 2 Debian Linux, Wordpress 2023-03-01 5.5 MEDIUM 8.1 HIGH
In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. Access would be needed to the email account of the user by a malicious party for successful execution. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
CVE-2022-3485 1 Ifm 4 Moneo Qha200, Moneo Qha200 Firmware, Moneo Qha210 and 1 more 2023-03-01 N/A 9.8 CRITICAL
In IFM Moneo Appliance with version up to 1.9.3 an unauthenticated remote attacker can reset the administrator password by only supplying the serial number and thus gain full control of the device.
CVE-2022-45782 1 Dotcms 1 Dotcms 2023-02-13 N/A 8.8 HIGH
An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A cryptographically insecure random generation algorithm for password-reset token generation leads to account takeover.
CVE-2022-26872 1 Ami 1 Megarac Sp-x 2023-02-08 N/A 8.8 HIGH
AMI Megarac Password reset interception via API
CVE-2015-10071 1 Gitter 1 Ez Publish Modern Legacy 2023-01-27 N/A 7.5 HIGH
A vulnerability was found in gitter-badger ezpublish-modern-legacy. It has been rated as problematic. This issue affects some unknown processing of the file kernel/user/forgotpassword.php. The manipulation leads to weak password recovery. Upgrading to version 1.0 is able to address this issue. The name of the patch is 5908d5ee65fec61ce0e321d586530461a210bf2a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-218951.
CVE-2022-25027 1 Rocketsoftware 1 Trufusion Enterprise 2023-01-23 N/A 7.5 HIGH
The Forgotten Password functionality of Rocket TRUfusion Portal v7.9.2.1 allows remote attackers to bypass authentication and access restricted pages by validating the user's session token when the "Password forgotten?" button is clicked.
CVE-2017-7615 1 Mantisbt 1 Mantisbt 2023-01-20 6.5 MEDIUM 8.8 HIGH
MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.
CVE-2022-30332 1 Talend 1 Administration Center 2023-01-18 N/A 5.3 MEDIUM
In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature provides different error messages for invalid reset attempts depending on whether the email address is associated with any account. This allows remote attackers to enumerate accounts via a series of requests.
CVE-2020-12067 1 Pilz 1 Pmc 2023-01-05 N/A 7.5 HIGH
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's password may be changed by an attacker without knowledge of the current password.
CVE-2022-47377 1 Sick 2 Sim2000 Firmware, Sim2000st 2022-12-21 N/A 9.8 CRITICAL
Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 with firmware version <1.13.4 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This leads to an increase in their privileges on the system and thereby affecting the confidentiality integrity and availability of the system. An attacker can expect repeatable success by exploiting the vulnerability. The recommended solution is to update the firmware to a version >= 1.13.4 as soon as possible (available in SICK Support Portal).
CVE-2016-8716 1 Moxa 2 Awk-3131a, Awk-3131a Firmware 2022-12-14 3.3 LOW 7.5 HIGH
An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials.
CVE-2022-44004 1 Backclick 1 Backclick 2022-11-20 N/A 9.8 CRITICAL
An issue was discovered in BACKCLICK Professional 5.9.63. Due to insecure design or lack of authentication, unauthenticated attackers can complete the password-reset process for any account and set a new password.
CVE-2022-37300 1 Schneider-electric 70 Ecostruxure Control Expert, Ecostruxure Process Expert, Modicon M340 Bmxp341000 and 67 more 2022-09-15 N/A 9.8 CRITICAL
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. Affected Products: EcoStruxure Control Expert Including all Unity Pro versions (former name of EcoStruxure Control Expert) (V15.0 SP1 and prior), EcoStruxure Process Expert, Including all versions of EcoStruxure Hybrid DCS (former name of EcoStruxure Process Expert) (V2021 and prior), Modicon M340 CPU (part numbers BMXP34*) (V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*) (V3.20 and prior).
CVE-2022-34530 1 Backdropcms 1 Backdrop Cms 2022-08-08 N/A 5.3 MEDIUM
An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and distinct responses returned based on usernames.
CVE-2022-23172 1 Priority-software 1 Priority 2022-07-14 4.0 MEDIUM 4.3 MEDIUM
An attacker can access to "Forgot my password" button, as soon as he puts users is valid in the system, the system would issue a message that a password reset email had been sent to user. This way you can verify which users are in the system and which are not.
CVE-2022-29174 1 Count 1 Countly Server 2022-05-29 6.8 MEDIUM 8.1 HIGH
countly-server is the server-side part of Countly, a product analytics solution. Prior to versions 22.03.7 and 21.11.4, a malicious actor who knows an account email address/username and full name specified in the database is capable of guessing the password reset token. The actor may use this information to reset the password and take over the account. The problem has been patched in Countly Server version 22.03.7 for servers using the new user interface and in 21.11.4 for servers using the old user interface.
CVE-2022-29933 1 Craftcms 1 Craft Cms 2022-05-18 6.8 MEDIUM 8.8 HIGH
Craft CMS through 3.7.36 allows a remote unauthenticated attacker, who knows at least one valid username, to reset the account's password and take over the account by providing a crafted HTTP header to the application while using the password reset functionality. Specifically, the attacker must send X-Forwarded-Host to the /index.php?p=admin/actions/users/send-password-reset-email URI. NOTE: the vendor's position is that a customer can already work around this by adjusting the configuration (i.e., by not using the default configuration).
CVE-2022-24892 1 Shopware 1 Shopware 2022-05-10 6.8 MEDIUM 7.5 HIGH
Shopware is an open source e-commerce software platform. Starting with version 5.0.4 and before version 5.7.9, multiple tokens for password reset can be requested. All tokens can be used to change the password. This makes it possible for an attacker to take over the victim's account if they somehow gain access to the victims email account and find an unused password reset token in the emails. This issue is fixed in version 5.7.9.
CVE-2018-16529 1 Forcepoint 1 Email Security 2022-04-22 5.0 MEDIUM 9.8 CRITICAL
A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the URL has already been used to reset a password.