CVE-2023-49589

An insufficient entropy vulnerability exists in the userRecoverPass.php recoverPass generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to an arbitrary user password recovery. An attacker can send an HTTP request to trigger this vulnerability.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1896	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:wwbn:avideo:15fed957fb:*:*:*:*:*:*:*

History

17 Jan 2024, 15:16

Type	Values Removed	Values Added
References	~~() https://talosintelligence.com/vulnerability_reports/TALOS-2023-1896 -~~	() https://talosintelligence.com/vulnerability_reports/TALOS-2023-1896 - Exploit, Third Party Advisory
CPE		cpe:2.3:a:wwbn:avideo:15fed957fb:::::::*
Summary		(es) Existe una vulnerabilidad de entropía insuficiente en la funcionalidad de generación de recoveryPass de userRecoverPass.php de la confirmación maestra de desarrollo de WWBN AVideo 15fed957fb. Una solicitud HTTP especialmente manipulada puede provocar la recuperación arbitraria de la contraseña de un usuario. Un atacante puede enviar una solicitud HTTP para desencadenar esta vulnerabilidad.
CWE		NVD-CWE-Other
First Time		Wwbn Wwbn avideo

10 Jan 2024, 18:15

Type	Values Removed	Values Added
References	~~{'url': 'https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1896', 'source': 'talos-cna@cisco.com'}~~

10 Jan 2024, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-01-10 16:15

Updated : 2024-01-17 15:16

NVD link : CVE-2023-49589

Mitre link : CVE-2023-49589

CVE.ORG link : CVE-2023-49589

JSON object : View

Products Affected

wwbn

avideo

CWE

NVD-CWE-Other CWE-640

Weak Password Recovery Mechanism for Forgotten Password

{"id": "CVE-2023-49589", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-01-10T16:15:48.063", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1896", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-640"}]}], "descriptions": [{"lang": "en", "value": "An insufficient entropy vulnerability exists in the userRecoverPass.php recoverPass generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to an arbitrary user password recovery. An attacker can send an HTTP request to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de entrop\u00eda insuficiente en la funcionalidad de generaci\u00f3n de recoveryPass de userRecoverPass.php de la confirmaci\u00f3n maestra de desarrollo de WWBN AVideo 15fed957fb. Una solicitud HTTP especialmente manipulada puede provocar la recuperaci\u00f3n arbitraria de la contrase\u00f1a de un usuario. Un atacante puede enviar una solicitud HTTP para desencadenar esta vulnerabilidad."}], "lastModified": "2024-01-17T15:16:26.823", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wwbn:avideo:15fed957fb:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4199C617-A976-4F18-ADD2-C26A5B046CC3"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}