CVE-2018-1000884

CRITICAL Year: 2018
CVSS v3 Score
9.8
Critical
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-203
View all →

Vulnerability Description

Vesta CP version Prior to commit f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 -- any release prior to 0.9.8-18 contains a CWE-208 / Information Exposure Through Timing Discrepancy vulnerability in Password reset code -- web/reset/index.php, line 51 that can result in Possible to determine password reset codes, attacker is able to change administrator password. This attack appear to be exploitable via Unauthenticated network connectivity. This vulnerability appears to have been fixed in After commit f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 -- release version 0.9.8-19.

Related Vulnerabilities

CVE-2019-10071

CRITICAL
CVSS:9.8(Critical)

The code which checks HMAC in form submissions used String.equals() for comparisons, which results in a timing side channel for the comparison of the HMAC signatures. This could lead to remote code ex...

CWE-2032019

CVE-2022-23303

CRITICAL
CVSS:9.8(Critical)

The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an inco...

CWE-2032022

CVE-2022-23304

CRITICAL
CVSS:9.8(Critical)

The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an ...

CWE-2032022

CVE-2023-40756

CRITICAL
CVSS:9.8(Critical)

User enumeration is found in PHPJabbers Callback Widget v1.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or no...

CWE-2032023

CVE-2023-50708

CRITICAL
CVSS:9.8(Critical)

yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth1/2 `state` and OpenID Conn...

CWE-2032023

CVE-2024-23771

CRITICAL
CVSS:9.8(Critical)

darkhttpd before 1.15 uses strcmp (which is not constant time) to verify authentication, which makes it easier for remote attackers to bypass authentication via a timing side channel.

CWE-2032024