CVE-2020-15149

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-15149
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15149.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-15149
Related
  • GHSA-hr66-c8pg-5mg7
Published
2020-08-20T01:17:12Z
Modified
2025-01-15T01:42:53.758055Z
Severity
  • 9.9 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L CVSS Calculator
Summary
[none]
Details

NodeBB before version 1.14.3 has a bug introduced in version 1.12.2 in the validation logic that makes it possible to change the password of any user on a running NodeBB forum by sending a specially crafted socket.io call to the server. This could lead to a privilege escalation event due via an account takeover. As a workaround you may cherry-pick the following commit from the project's repository to your running instance of NodeBB: 16cee1b03ba3eee177834a1fdac4aa8a12b39d2a. This is fixed in version 1.14.3.

References

Affected packages

Git / github.com/nodebb/nodebb

Affected ranges

Type
GIT
Repo
https://github.com/nodebb/nodebb
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

1.*

1.0.1-auto.0

v0.*

v0.0.3
v0.0.4
v0.0.5
v0.0.6
v0.0.7
v0.1.0
v0.1.1
v0.2.0
v0.2.1
v0.3.0
v0.3.1
v0.3.2
v0.5.0-1
v0.5.0-2
v0.9.2

v1.*

v1.0.0
v1.14.0
v1.14.0-0
v1.14.0-1
v1.14.0-10
v1.14.0-11
v1.14.0-12
v1.14.0-2
v1.14.0-3
v1.14.0-4
v1.14.0-5
v1.14.0-6
v1.14.0-7
v1.14.0-8
v1.14.0-9
v1.14.1
v1.14.1-beta.0
v1.14.1-beta.1
v1.14.1-beta.2
v1.14.1-beta.3
v1.14.2
v1.14.2-beta.0
v1.14.2-beta.1
v1.5.3