CVE-2018-16529 Vulnerability Details

  /     /     /  

CVE-2018-16529 Metadata Quick Info

CVE Published: 28/03/2019 | CVE Updated: 05/08/2024 | CVE Year: 2018
Source: forcepoint | Vendor: Forcepoint | Product: Forcepoint Email Security
Status : PUBLISHED

---

CVE-2018-16529 Description

A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the URL has already been used to reset a password.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-640
CWE Name: CWE-640: Weak Password Recovery Mechanism for Forgotten Password
Source: Forcepoint

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).