#VU34195 Weak Password Recovery Mechanism for Forgotten Password in Navigate CMS - CVE-2020-14015
Published: June 24, 2020 / Updated: August 8, 2020
Vulnerability identifier: #VU34195
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2020-14015
CWE-ID: CWE-640
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Navigate CMS
Navigate CMS
Software vendor:
Naviwebs
Naviwebs
Description
The vulnerability allows a remote non-authenticated attacker to manipulate data.
An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code that allows them to reset their password. There is, however, a flaw when no activation code is supplied. The system will allow an unauthorized user to continue setting a password, even though no activation code was supplied, setting the password for the most recently created user in the system (the user with the highest user id).
Remediation
Install update from vendor's website.