Sulu
CVE-2020-15132
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address. If the given string is not found, a response with a 400 error code is returned, along with a error message saying that this user name does not exist. This enables attackers to retrieve valid usernames. Also, the response of the "Forgot Password" request returns the email address to which the email was sent, if the operation was successful. This information should not be exposed, as it can be used to gather email addresses. This problem was fixed in versions 1.6.35, 2.0.10 and 2.1.1.
AnalysisAI
In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-209. In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address. If the given string is not found, a response with a 400 error code is returned, along with a error message saying that this user name does not exist. This enables attackers to retrieve valid usernames. Also, the response of the "Forgot Password" request returns the email address to which the email was sent, if the operation was successful. This information should not be exposed, as it can be used to gather email addresses. This problem was fixed in versions 1.6.35, 2.0.10 and 2.1.1. Affected products include: Sulu.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Sulu is an open-source PHP content management system based on the Symfony framework. Rated high severity (CVSS 8.8), thi
Sulu is a PHP content management system. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low
Sulu is an open-source PHP content management system based on the Symfony framework. Rated high severity (CVSS 7.2), thi
Sulu is a PHP content management system. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, n
Sulu is a PHP content management system. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, l
Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. Rated medium sever
Sulu is an open-source PHP content management system based on the Symfony framework. Rated medium severity (CVSS 4.8), t
Sulu is an open-source PHP content management system based on the Symfony framework. Rated medium severity (CVSS 4.8), t
Sulu is an open-source PHP content management system based on the Symfony framework. Rated medium severity (CVSS 4.3), t
Same weakness CWE-209 – Error Message Information Leak
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today