CVE-2018-16703 - Vulnerability Details - OpenCVE

ReportizFlow

A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker to perform multiple user enumerations, which can further help an attacker to perform login attempts in excess of the configured login attempt limit. The vulnerability is due to insufficient server-side access control and login attempt limit enforcement. An attacker could exploit this vulnerability by sending modified login attempts to the Portal login page. An exploit could allow the attacker to identify existing users and perform brute-force password attacks on the Portal, as demonstrated by navigating to the user/4 URI.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gleeztech	Gleez Cms

Configuration 1 [-]

cpe:2.3:a:gleeztech:gleez_cms:1.2.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/gleez/cms/issues/802

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-09-07T17:00:00

Updated: 2024-08-05T10:32:53.562Z

Reserved: 2018-09-07T00:00:00

Link: CVE-2018-16703

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-09-07T17:29:01.020

Modified: 2024-11-21T03:53:11.410

Link: CVE-2018-16703

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-09-07T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker to perform multiple user enumerations, which can further help an attacker to perform login attempts in excess of the configured login attempt limit. The vulnerability is due to insufficient server-side access control and login attempt limit enforcement. An attacker could exploit this vulnerability by sending modified login attempts to the Portal login page. An exploit could allow the attacker to identify existing users and perform brute-force password attacks on the Portal, as demonstrated by navigating to the user/4 URI."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-09-07T17:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/gleez/cms/issues/802"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2018-16703", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker to perform multiple user enumerations, which can further help an attacker to perform login attempts in excess of the configured login attempt limit. The vulnerability is due to insufficient server-side access control and login attempt limit enforcement. An attacker could exploit this vulnerability by sending modified login attempts to the Portal login page. An exploit could allow the attacker to identify existing users and perform brute-force password attacks on the Portal, as demonstrated by navigating to the user/4 URI."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/gleez/cms/issues/802", "refsource": "MISC", "url": "https://github.com/gleez/cms/issues/802"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T10:32:53.562Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/gleez/cms/issues/802"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-16703", "datePublished": "2018-09-07T17:00:00", "dateReserved": "2018-09-07T00:00:00", "dateUpdated": "2024-08-05T10:32:53.562Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gleeztech:gleez_cms:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B8DE79A-3439-4388-A4AF-A92B4F2BC185", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker to perform multiple user enumerations, which can further help an attacker to perform login attempts in excess of the configured login attempt limit. The vulnerability is due to insufficient server-side access control and login attempt limit enforcement. An attacker could exploit this vulnerability by sending modified login attempts to the Portal login page. An exploit could allow the attacker to identify existing users and perform brute-force password attacks on the Portal, as demonstrated by navigating to the user/4 URI."}, {"lang": "es", "value": "Una vulnerabilidad en la p\u00e1gina de inicio de sesi\u00f3n de Gleez CMS 1.2.0 podr\u00eda permitir que un atacante remoto no autenticado realice m\u00faltiples enumeraciones de usuario, lo que puede ayudar a un atacante a realizar intentos de inicio de sesi\u00f3n que sobrepasan el l\u00edmite configurado de intentos de inicio de sesi\u00f3n. La vulnerabilidad se debe a un control de acceso insuficiente del lado del servidor y a una aplicaci\u00f3n insuficiente del l\u00edmite de intentos de inicio de sesi\u00f3n. Un atacante podr\u00eda explotar esta vulnerabilidad enviando intentos modificados de inicio de sesi\u00f3n a la p\u00e1gina de inicio de sesi\u00f3n del portal. Su explotaci\u00f3n podr\u00eda permitir que el atacante identifique a los usuarios existentes y realice ataques de adivinaci\u00f3n de contrase\u00f1a por fuerza bruta en el portal, tal y como queda demostrado navegando hasta el URI user/4."}], "id": "CVE-2018-16703", "lastModified": "2024-11-21T03:53:11.410", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "[email protected]", "type": "Primary"}]}, "published": "2018-09-07T17:29:01.020", "references": [{"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://github.com/gleez/cms/issues/802"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/gleez/cms/issues/802"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-307"}, {"lang": "en", "value": "CWE-521"}, {"lang": "en", "value": "CWE-732"}], "source": "[email protected]", "type": "Primary"}]}