How severe is CVE-2023-26481?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2023-26481?

This is classified as CWE-345, which is a common weakness in software security.

CVE-2023-26481

MEDIUM Year: 2023

CVSS v3 Score

6.5

Medium

Weakness Type

CWE-345

View all →

Vulnerability Description

authentik is an open-source Identity Provider. Due to an insufficient access check, a recovery flow link that is created by an admin (or sent via email by an admin) can be used to set the password for any arbitrary user. This attack is only possible if a recovery flow exists, which has both an Identification and an Email stage bound to it. If the flow has policies on the identification stage to skip it when the flow is restored (by checking `request.context['is_restored']`), the flow is not affected by this. With this flow in place, an administrator must create a recovery Link or send a recovery URL to the attacker, who can, due to the improper validation of the token create, set the password for any account. Regardless, for custom recovery flows it is recommended to add a policy that checks if the flow is restored, and skips the identification stage. This issue has been fixed in versions 2023.2.3, 2023.1.3 and 2022.12.2.

CVE-2019-17228

MEDIUM

CVSS:6.5(Medium)

includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress allows unauthenticated options changes.

CWE-3452019

CVE-2019-5587

MEDIUM

CVSS:6.5(Medium)

Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow attacker to implant malicious programs into the installing image by reassemblin...

CWE-3452019

CVE-2019-8921

MEDIUM

CVSS:6.5(Medium)

An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick...

CWE-3452019

CVE-2020-10137

MEDIUM

CVSS:6.5(Medium)

Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated attacker to inject a FIND_NODE...

CWE-3452020

CVE-2020-9230

MEDIUM

CVSS:6.5(Medium)

WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due to improper verification of specific message, an attacker may exploit this vulnerability to cause specific function to become abn...

CWE-3452020

CVE-2021-22339

MEDIUM

CVSS:6.5(Medium)

There is a denial of service vulnerability in some versions of ManageOne. In specific scenarios, due to the insufficient verification of the parameter, an attacker may craft some specific parameter. S...

CWE-3452021

CVE-2023-26481

Vulnerability Description

Related Vulnerabilities

CVE-2019-17228

CVE-2019-5587

CVE-2019-8921

CVE-2020-10137

CVE-2020-9230

CVE-2021-22339