CVE-2019-18818

critical-risk

Published 2019-11-07

strapi before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js.

Do I need to act?

94.0% chance of exploitation in next 30 days

EPSS score — higher than 6% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

2 public exploits available

50237, 50716

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (20)

Strapi

Affected Vendors

Strapi

References (12)

Exploit http://packetstormsecurity.com/files/163939/Strapi-3.0.0-beta-Authentication-Byp...

Exploit http://packetstormsecurity.com/files/163950/Strapi-CMS-3.0.0-beta.17.4-Remote-Co...

Exploit http://packetstormsecurity.com/files/165896/Strapi-CMS-3.0.0-beta.17.4-Privilege...

Third Party Advisory https://github.com/strapi/strapi/pull/4443

Release Notes https://github.com/strapi/strapi/releases/tag/v3.0.0-beta.17.5

Third Party Advisory https://www.npmjs.com/advisories/1311

Exploit http://packetstormsecurity.com/files/163939/Strapi-3.0.0-beta-Authentication-Byp...

Exploit http://packetstormsecurity.com/files/163950/Strapi-CMS-3.0.0-beta.17.4-Remote-Co...

Exploit http://packetstormsecurity.com/files/165896/Strapi-CMS-3.0.0-beta.17.4-Privilege...

Third Party Advisory https://github.com/strapi/strapi/pull/4443

Release Notes https://github.com/strapi/strapi/releases/tag/v3.0.0-beta.17.5

Third Party Advisory https://www.npmjs.com/advisories/1311

/ 100

critical-risk

Severity 32/34 · Critical

Exploitability 20/34 · Moderate

Exposure 29/34 · Critical