CVE-2021-25957 - OpenCVE

In “Dolibarr” application, v2.8.1 to v13.0.2 are vulnerable to account takeover via password reset functionality. A low privileged attacker can reset the password of any user in the application using the password reset link the user received through email when requested for a forgotten password.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Dolibarr	Dolibarr

Configuration 1 [-]

cpe:2.3:a:dolibarr:dolibarr:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/Dolibarr/dolibarr/commit/87f9530272925f0d651f59337a35661faeb6f377
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25957

History

No history.

MITRE

Status: PUBLISHED

Assigner: Mend

Published: 2021-08-17T14:13:30.226153Z

Updated: 2024-09-17T01:51:51.602Z

Reserved: 2021-01-22T00:00:00

Link: CVE-2021-25957

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-08-17T15:15:08.040

Modified: 2021-08-24T20:49:40.680

Link: CVE-2021-25957

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "dolibarr", "vendor": "Dolibarr", "versions": [{"changes": [{"at": "2.8.1", "status": "affected"}], "lessThanOrEqual": "13.0.2", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Hagai Wechsler"}], "descriptions": [{"lang": "en", "value": "In \u201cDolibarr\u201d application, v2.8.1 to v13.0.2 are vulnerable to account takeover via password reset functionality. A low privileged attacker can reset the password of any user in the application using the password reset link the user received through email when requested for a forgotten password."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-640", "description": "CWE-640 Weak Password Recovery Mechanism for Forgotten Password", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-08-17T14:13:30", "orgId": "478c68dd-22c1-4a41-97cd-654224dfacff", "shortName": "Mend"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/Dolibarr/dolibarr/commit/87f9530272925f0d651f59337a35661faeb6f377"}, {"tags": ["x_refsource_MISC"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25957"}], "solutions": [{"lang": "en", "value": "Update to 14.0.0"}], "source": {"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/", "discovery": "UNKNOWN"}, "title": "Account Takeover in \"Dolibarr\" via Password Reset Functionality", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"AKA": "", "ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com", "DATE_PUBLIC": "", "ID": "CVE-2021-25957", "STATE": "PUBLIC", "TITLE": "Account Takeover in \"Dolibarr\" via Password Reset Functionality"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "dolibarr", "version": {"version_data": [{"platform": "", "version_affected": "<=", "version_name": "", "version_value": "13.0.2"}, {"platform": "", "version_affected": ">=", "version_name": "", "version_value": "2.8.1"}]}}]}, "vendor_name": "Dolibarr"}]}}, "configuration": [], "credit": [{"lang": "eng", "value": "Hagai Wechsler"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In \u201cDolibarr\u201d application, v2.8.1 to v13.0.2 are vulnerable to account takeover via password reset functionality. A low privileged attacker can reset the password of any user in the application using the password reset link the user received through email when requested for a forgotten password."}]}, "exploit": [], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-640 Weak Password Recovery Mechanism for Forgotten Password"}]}]}, "references": {"reference_data": [{"name": "https://github.com/Dolibarr/dolibarr/commit/87f9530272925f0d651f59337a35661faeb6f377", "refsource": "MISC", "url": "https://github.com/Dolibarr/dolibarr/commit/87f9530272925f0d651f59337a35661faeb6f377"}, {"name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25957", "refsource": "MISC", "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25957"}]}, "solution": [{"lang": "en", "value": "Update to 14.0.0"}], "source": {"advisory": "https://www.whitesourcesoftware.com/vulnerability-database/", "defect": [], "discovery": "UNKNOWN"}, "work_around": []}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:19:18.991Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/Dolibarr/dolibarr/commit/87f9530272925f0d651f59337a35661faeb6f377"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25957"}]}]}, "cveMetadata": {"assignerOrgId": "478c68dd-22c1-4a41-97cd-654224dfacff", "assignerShortName": "Mend", "cveId": "CVE-2021-25957", "datePublished": "2021-08-17T14:13:30.226153Z", "dateReserved": "2021-01-22T00:00:00", "dateUpdated": "2024-09-17T01:51:51.602Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dolibarr:dolibarr:*:*:*:*:*:*:*:*", "matchCriteriaId": "730BE634-E4DD-4AC7-89A0-74ED7ED1EB2D", "versionEndIncluding": "13.0.2", "versionStartIncluding": "2.8.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In \u201cDolibarr\u201d application, v2.8.1 to v13.0.2 are vulnerable to account takeover via password reset functionality. A low privileged attacker can reset the password of any user in the application using the password reset link the user received through email when requested for a forgotten password."}, {"lang": "es", "value": "En la aplicaci\u00f3n \"Dolibarr\", versiones v2.8.1 a v13.0.2, son vulnerables a la toma de cuenta por medio de la funcionalidad password reset. Un atacante poco privilegiado puede restablecer la contrase\u00f1a de cualquier usuario de la aplicaci\u00f3n usando el enlace de restablecimiento de contrase\u00f1a que el usuario recibi\u00f3 mediante correo electr\u00f3nico cuando se le solicit\u00f3 una contrase\u00f1a olvidada."}], "id": "CVE-2021-25957", "lastModified": "2021-08-24T20:49:40.680", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "vulnerabilitylab@mend.io", "type": "Secondary"}]}, "published": "2021-08-17T15:15:08.040", "references": [{"source": "vulnerabilitylab@mend.io", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/Dolibarr/dolibarr/commit/87f9530272925f0d651f59337a35661faeb6f377"}, {"source": "vulnerabilitylab@mend.io", "tags": ["Third Party Advisory"], "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25957"}], "sourceIdentifier": "vulnerabilitylab@mend.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-640"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-640"}], "source": "vulnerabilitylab@mend.io", "type": "Secondary"}]}