CVE-2024-0787

15 Nov 2024

Título es

CVE-2024-0787

Vie, 15/11/2024 – 11:15

Tipo

CWE-307

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-0787

Descripción en

phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. The issue lies in the 'get_user_ip()' function in 'class.Common.php' at lines 1044 and 1045, where the presence of the 'X-Forwarded-For' header is checked and used instead of 'REMOTE_ADDR'. This vulnerability allows attackers to perform brute force attacks on user accounts, including the admin account. The issue is fixed in version 1.7.0.

15/11/2024

Vector CVSS:3.1

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

5.30

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://github.com/phpipam/phpipam/commit/55c2056068be9f1359e967fcff64db6b7f4d00b5

https://huntr.com/bounties/840cb582-1feb-43ab-9cc4-e4b5a63c5bab

Enviar en el boletín

Off

CVE-2024-0787

CVE-2024-0787

Jose Alexis Correa Valencia