Vulnerability Details CVE-2011-1035
The password reset in PivotX before 2.2.4 allows remote attackers to modify the passwords of arbitrary users via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.034
EPSS Ranking 86.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://blog.pivotx.net/2011-02-16/pivotx-225-released
- http://forum.pivotx.net/viewtopic.php?f=2&t=1961
- http://forum.pivotx.net/viewtopic.php?f=2&t=1967
- http://forum.pivotx.net/viewtopic.php?p=10639#p10639
- http://osvdb.org/70935
- http://secunia.com/advisories/43417
- http://www.kb.cert.org/vuls/id/175068
- http://www.securityfocus.com/bid/46463
- http://www.vupen.com/english/advisories/2011/0445
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65539
- http://blog.pivotx.net/2011-02-16/pivotx-225-released
- http://forum.pivotx.net/viewtopic.php?f=2&t=1961
- http://forum.pivotx.net/viewtopic.php?f=2&t=1967
- http://forum.pivotx.net/viewtopic.php?p=10639#p10639
- http://osvdb.org/70935
- http://secunia.com/advisories/43417
- http://www.kb.cert.org/vuls/id/175068
- http://www.securityfocus.com/bid/46463
- http://www.vupen.com/english/advisories/2011/0445
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65539
Products affected by CVE-2011-1035
-
cpe:2.3:a:pivotx:pivotx:2.1.0
-
cpe:2.3:a:pivotx:pivotx:2.1.1
-
cpe:2.3:a:pivotx:pivotx:2.1.2
-
cpe:2.3:a:pivotx:pivotx:2.2.0
-
cpe:2.3:a:pivotx:pivotx:2.2.1
-
cpe:2.3:a:pivotx:pivotx:2.2.2
-
cpe:2.3:a:pivotx:pivotx:2.2.3