← voltar
CVE-2023-47107

PILOS account takeover through password reset poisoning

CVSS 8.8 HIGHEPSS 0.6%CWE-20CWE-640
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 8.8EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
08 nov 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
PILOS is an open source front-end for BigBlueButton servers with a built-in load balancer. The password reset component deployed within PILOS uses the hostname supplied within the request host header when building a password reset URL. It may be possible to manipulate the URL sent to PILOS users when so that it points to the attackers server thereby disclosing the password reset token if/when the link is followed. This only affects local user accounts and requires the password reset option to be enabled. This issue has been patched in version 2.3.0.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Produtos afetados
THM-Health · PILOS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/THM-Health/PILOS/security/advisories/GHSA-mc6f-fj9h-5735