PT-2022-3418 · Countly · Countly-Server

Hakupiku · Published 2022-05-17 · Updated 2022-05-30 · CVE-2022-29174

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

countly-server versions prior to 22.03.7
countly-server versions prior to 21.11.4

Description

The issue stems from a weakness in the password recovery mechanism of countly-server that allows a remote attacker to change a user's password and gain elevated privileges. An attacker who knows an account's email address/username and the full name stored in the database can guess the password reset token, use it to reset the password, and take over the account.

Recommendations

For versions prior to 22.03.7, update to version 22.03.7 or later for servers using the new user interface. For versions prior to 21.11.4, update to version 21.11.4 or later for servers using the old user interface.


Weakness Enumeration

Related Identifiers

BDU:2022-04196
CVE-2022-29174
GHSA-98VH-WQW5-P23V

Affected Products

Countly-Server