CVE-2017-18486

Exploit

EPSS 4.81%
Veröffentlicht 09.08.2019 17:15:10
Zuletzt bearbeitet 21.11.2024 03:20:13
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. By inspecting the token value provided in a password reset link, a user can leverage a weak PRNG to recover the shared secret used by the server for remote authentication. The shared secret can be used to escalate privileges by forging new tokens for any user. These tokens can be used to automatically log in as the affected user.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Jitbit ≫ Helpdesk Version < 9.0.3

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	4.81%	0.908

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	1.2	5.9	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.5	8	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P

CWE-332 Insufficient Entropy in PRNG

The lack of entropy available for, or used by, a Pseudo-Random Number Generator (PRNG) can be a stability and security threat.

https://github.com/Kc57/JitBit_Helpdesk_Auth_Bypass

Third Party Advisory

Exploit

https://packetstormsecurity.com/files/144334/JitBit-Helpdesk-9.0.2-Broken-Authentication.html

Third Party Advisory

VDB Entry

https://www.exploit-db.com/exploits/42776

Third Party Advisory

Exploit

VDB Entry

https://www.trustedsec.com/2017/09/full-disclosure-jitbit-helpdesk-authentication-bypass-0-day

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-18486

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-18486

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-18486

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2017-18486