CVE-2024-30187

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-30187
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-30187.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-30187
Downstream
Published
2024-03-25T08:15:36Z
Modified
2025-10-21T19:55:39.768675Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

Anope before 2.0.15 does not prevent resetting the password of a suspended account.

References

Affected packages

Git / github.com/anope/anope

Affected ranges

Type
GIT
Repo
https://github.com/anope/anope
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
2b7872139c40ea5b0ca96c1d6595b7d5f9fa60a5

Affected versions

1.*

1.9.0
1.9.1
1.9.2
1.9.3
1.9.4
1.9.5
1.9.6
1.9.7
1.9.8
1.9.9

2.*

2.0.0
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3
2.0.0-rc4
2.0.1
2.0.10
2.0.11
2.0.12
2.0.13
2.0.14
2.0.2
2.0.3
2.0.4
2.0.5
2.0.6
2.0.7
2.0.8
2.0.9

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "deprecated": false,
        "target": {
            "file": "modules/commands/ns_resetpass.cpp"
        },
        "source": "https://github.com/anope/anope/commit/2b7872139c40ea5b0ca96c1d6595b7d5f9fa60a5",
        "digest": {
            "line_hashes": [
                "247545231678450209065556111818386709665",
                "75056771936878878074668213471762505678",
                "335981316559761034908515559961755806101",
                "294072699673959675017797002728053593678",
                "173321267494507783210519239784037944399",
                "107408462399742059876890639815679128544",
                "215780075104792053486882323404267126949",
                "127169783967388291473106035802097762645"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "id": "CVE-2024-30187-ab68e73c"
    }
]