exploitDog

CVE-2018-16529

Опубликовано: 28 мар. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 5

EPSS Низкий

Описание

A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the URL has already been used to reset a password.

Ссылки

https://help.forcepoint.com/security/CVE/CVE-2018-16529.html
Vendor Advisory
https://seclists.org/fulldisclosure/2018/Nov/23
Exploit
Mailing List
Third Party Advisory
https://help.forcepoint.com/security/CVE/CVE-2018-16529.html
Vendor Advisory
https://seclists.org/fulldisclosure/2018/Nov/23
Exploit
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:forcepoint:email_security:*:*:*:*:*:*:*:*

Версия от 8.5.0 (включая) до 8.5.3 (включая)

EPSS

Процентиль: 58%

0.00362

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-640

CWE-640

Связанные уязвимости

GHSA-xc68-xqhg-hr75

CVSS3: 9.8

github

почти 4 года назад

A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the URL has already been used to reset a password.

EPSS

Процентиль: 58%

0.00362

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-640

CWE-640