Skip to main content

Navigate Cms CVE-2020-14015

HIGH
Weak Password Recovery Mechanism for Forgotten Password (CWE-640)
2020-06-24 cve@mitre.org
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Jun 24, 2020 - 15:15 nvd
HIGH 7.5

DescriptionNVD

An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code that allows them to reset their password. There is, however, a flaw when no activation code is supplied. The system will allow an unauthorized user to continue setting a password, even though no activation code was supplied, setting the password for the most recently created user in the system (the user with the highest user id).

AnalysisAI

An issue was discovered in Navigate CMS 2.9 r1433. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-640. An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code that allows them to reset their password. There is, however, a flaw when no activation code is supplied. The system will allow an unauthorized user to continue setting a password, even though no activation code was supplied, setting the password for the most recently created user in the system (the user with the highest user id). Affected products include: Naviwebs Navigate Cms.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2018-17552 CRITICAL POC
9.8 Oct 03

SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote attackers to bypass authentication via the navigat

CVE-2018-17553 HIGH POC
8.8 Oct 03

An "Unrestricted Upload of File with Dangerous Type" issue with directory traversal in navigate_upload.php in Naviwebs N

CVE-2021-36455 HIGH POC
8.8 Aug 06

SQL Injection vulnerability in Naviwebs Navigate CMS 2.9 via the quicksearch parameter in \lib\packages\comments\comment

CVE-2020-14017 HIGH POC
7.5 Jun 24

An issue was discovered in Navigate CMS 2.9 r1433. Rated high severity (CVSS 7.5), this vulnerability is remotely exploi

CVE-2020-37053 HIGH POC
7.1 Jan 30

Navigate CMS 2.8.7 contains an authenticated SQL injection vulnerability that allows attackers to leak database informat

CVE-2020-14018 MEDIUM POC
6.1 Jun 24

An issue was discovered in Navigate CMS 2.9 r1433. Rated medium severity (CVSS 6.1), this vulnerability is remotely expl

CVE-2021-36454 MEDIUM POC
5.4 Aug 06

Cross Site Scripting (XSS) vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1) backups\b

CVE-2020-14014 MEDIUM POC
5.4 Jun 24

An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. Rated medium severity (CVSS 5.4), this vulnerability is remot

CVE-2018-18029 MEDIUM POC
5.4 Oct 09

Navigate CMS has Stored XSS via the navigate.php Title field in an edit action. Rated medium severity (CVSS 5.4), this v

CVE-2018-17849 MEDIUM POC
5.4 Oct 04

Navigate CMS 2.8 has Stored XSS via a navigate_upload.php (aka File Upload) request with a multipart/form-data JavaScrip

CVE-2020-14016 MEDIUM POC
5.3 Jun 24

An issue was discovered in Navigate CMS 2.9 r1433. Rated medium severity (CVSS 5.3), this vulnerability is remotely expl

CVE-2022-28117 MEDIUM POC
4.9 Apr 28

A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the ap

Share

CVE-2020-14015 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy