Lucene search
GitHub Advisory DatabaseGHSA-9GXX-32P7-FF7MHistoryApr 18, 2023 - 6:30 p.m.
Modoboa has Weak Password Requirements
2023-04-1818:30:29
CWE-521
GitHub Advisory Database
github.com
5
modoboa
weak passwords
security issue
software vulnerability
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
57.0%
Modoboa 2.0.5 and prior allows users to set unsafe passwords, such as 1 or HACK. This issue is fixed in commit 130257c96a2392ada795785a91178e656e27015c and anticipated to be part of version 2.1.0.
Affected configurations
Node
modoboamodoboaRange≤2.0.5
Related
prion
prion
Default credentials
2023-04-18 16:15:00
cve
cve
CVE-2023-2160
2023-04-18 16:15:09
huntr
huntr
osv
osv
CVE-2023-2160
2023-04-18 16:15:09
Modoboa has Weak Password Requirements
2023-04-18 18:30:29
PYSEC-2023-34
2023-04-18 16:15:00
nvd
nvd
CVE-2023-2160
2023-04-18 16:15:09
veracode
veracode
Weak Password Requirements
2023-05-02 08:00:25
cvelist
cvelist
CVE-2023-2160 Weak Password Requirements in modoboa/modoboa
2023-04-18 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
57.0%
Related for GHSA-9GXX-32P7-FF7M