PT-2020-16279 · Click Studios · Clickstudios Passwordstate Password Reset Portal

Jason Juntunen

Published

2020-10-05

Updated

2021-07-21

CVE-2020-26061

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions ClickStudios Passwordstate Password Reset Portal versions prior to 8501

Description The issue concerns an authentication bypass. Specifically, the ResetPassword function does not validate whether the user has successfully authenticated using security questions. This allows an unauthenticated, remote attacker to send a crafted HTTP request to the "/account/ResetPassword" page to set a new password for any registered user.

Recommendations For versions prior to 8501, update to build 8501 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/account/ResetPassword" page until the update is applied.

Exploit

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2020-26061

Affected Products

Clickstudios Passwordstate Password Reset Portal

PT-2020-16279 · Click Studios · Clickstudios Passwordstate Password Reset Portal

CVE-2020-26061

Weakness Enumeration

Related Identifiers

Affected Products

References · 4