CVE-2017-1000153
critical
CVSS v3
9.8
CVSS v2
7.5
VIR risk
9.8
Description
Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before 16.04.4 are vulnerable to incorrect access control after the password reset link is sent via email and then user changes default email, Mahara fails to invalidate old link.Consequently the link in email can be used to gain access to the user's account.
Predictions
Exploit likelihood
97%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — https://bugs.launchpad.net/mahara/+bug/1577251
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| mahara | mahara | 15.04 | |
| mahara | mahara | 15.04.0 | |
| mahara | mahara | 15.04.1 | |
| mahara | mahara | 15.04.2 | |
| mahara | mahara | 15.04.3 | |
| mahara | mahara | 15.04.4 | |
| mahara | mahara | 15.04.5 | |
| mahara | mahara | 15.04.6 | |
| mahara | mahara | 15.04.7 | |
| mahara | mahara | 15.04.8 | |
| mahara | mahara | 15.04.9 | |
| mahara | mahara | 16.04 | |
| mahara | mahara | 16.04.0 | |
| mahara | mahara | 16.04.1 | |
| mahara | mahara | 16.04.2 | |
| mahara | mahara | 16.04.3 | |
| mahara | mahara | 15.10.0 | |
| mahara | mahara | 15.10.1 | |
| mahara | mahara | 15.10.2 | |
| mahara | mahara | 15.10.3 | |
| mahara | mahara | 15.10.4 | |
| mahara | mahara | 15.10.5 | |
References
CWEs
CWE-732
Verify integrity in audit chain (admin only). AS-IS.