CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-25171

Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt denial-of-service attacks against the Password reset page. An attacker could potentially send a large number of emails if they know the email addresses of users in Kiwi TCMS. Additionally that may strain SMTP resources. Users should upgrade to v12.0 or later to receive a patch. As potential workarounds, users may install and configure a rate-limiting proxy in front of Kiwi TCMS and/or configure rate limits on their email server when possible.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.3%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2023-25171

Kiwitcms » Kiwi Tcms » Version: 10.0

cpe:2.3:a:kiwitcms:kiwi_tcms:10.0
Kiwitcms » Kiwi Tcms » Version: 10.1

cpe:2.3:a:kiwitcms:kiwi_tcms:10.1
Kiwitcms » Kiwi Tcms » Version: 10.2

cpe:2.3:a:kiwitcms:kiwi_tcms:10.2
Kiwitcms » Kiwi Tcms » Version: 10.3

cpe:2.3:a:kiwitcms:kiwi_tcms:10.3
Kiwitcms » Kiwi Tcms » Version: 10.4

cpe:2.3:a:kiwitcms:kiwi_tcms:10.4
Kiwitcms » Kiwi Tcms » Version: 10.5

cpe:2.3:a:kiwitcms:kiwi_tcms:10.5
Kiwitcms » Kiwi Tcms » Version: 11.0

cpe:2.3:a:kiwitcms:kiwi_tcms:11.0
Kiwitcms » Kiwi Tcms » Version: 11.1

cpe:2.3:a:kiwitcms:kiwi_tcms:11.1
Kiwitcms » Kiwi Tcms » Version: 11.2

cpe:2.3:a:kiwitcms:kiwi_tcms:11.2
Kiwitcms » Kiwi Tcms » Version: 11.3

cpe:2.3:a:kiwitcms:kiwi_tcms:11.3
Kiwitcms » Kiwi Tcms » Version: 11.4

cpe:2.3:a:kiwitcms:kiwi_tcms:11.4
Kiwitcms » Kiwi Tcms » Version: 11.5

cpe:2.3:a:kiwitcms:kiwi_tcms:11.5
Kiwitcms » Kiwi Tcms » Version: 11.6

cpe:2.3:a:kiwitcms:kiwi_tcms:11.6
Kiwitcms » Kiwi Tcms » Version: 11.7

cpe:2.3:a:kiwitcms:kiwi_tcms:11.7
Kiwitcms » Kiwi Tcms » Version: 3.21.1

cpe:2.3:a:kiwitcms:kiwi_tcms:3.21.1
Kiwitcms » Kiwi Tcms » Version: 3.21.2

cpe:2.3:a:kiwitcms:kiwi_tcms:3.21.2
Kiwitcms » Kiwi Tcms » Version: 3.22

cpe:2.3:a:kiwitcms:kiwi_tcms:3.22
Kiwitcms » Kiwi Tcms » Version: 3.23

cpe:2.3:a:kiwitcms:kiwi_tcms:3.23
Kiwitcms » Kiwi Tcms » Version: 3.24

cpe:2.3:a:kiwitcms:kiwi_tcms:3.24
Kiwitcms » Kiwi Tcms » Version: 3.26

cpe:2.3:a:kiwitcms:kiwi_tcms:3.26
Kiwitcms » Kiwi Tcms » Version: 3.28

cpe:2.3:a:kiwitcms:kiwi_tcms:3.28
Kiwitcms » Kiwi Tcms » Version: 3.30

cpe:2.3:a:kiwitcms:kiwi_tcms:3.30
Kiwitcms » Kiwi Tcms » Version: 3.32

cpe:2.3:a:kiwitcms:kiwi_tcms:3.32
Kiwitcms » Kiwi Tcms » Version: 3.33

cpe:2.3:a:kiwitcms:kiwi_tcms:3.33
Kiwitcms » Kiwi Tcms » Version: 3.37

cpe:2.3:a:kiwitcms:kiwi_tcms:3.37
Kiwitcms » Kiwi Tcms » Version: 3.38

cpe:2.3:a:kiwitcms:kiwi_tcms:3.38
Kiwitcms » Kiwi Tcms » Version: 3.39

cpe:2.3:a:kiwitcms:kiwi_tcms:3.39
Kiwitcms » Kiwi Tcms » Version: 3.41

cpe:2.3:a:kiwitcms:kiwi_tcms:3.41
Kiwitcms » Kiwi Tcms » Version: 3.44

cpe:2.3:a:kiwitcms:kiwi_tcms:3.44
Kiwitcms » Kiwi Tcms » Version: 3.48

cpe:2.3:a:kiwitcms:kiwi_tcms:3.48
Kiwitcms » Kiwi Tcms » Version: 3.49

cpe:2.3:a:kiwitcms:kiwi_tcms:3.49
Kiwitcms » Kiwi Tcms » Version: 3.50

cpe:2.3:a:kiwitcms:kiwi_tcms:3.50
Kiwitcms » Kiwi Tcms » Version: 3.8.17-1

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.17-1
Kiwitcms » Kiwi Tcms » Version: 3.8.18

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.18
Kiwitcms » Kiwi Tcms » Version: 3.8.18.04

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.18.04
Kiwitcms » Kiwi Tcms » Version: 3.8.18.05

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.18.05
Kiwitcms » Kiwi Tcms » Version: 3.8.18.07

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.18.07
Kiwitcms » Kiwi Tcms » Version: 3.8.18.08

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.18.08
Kiwitcms » Kiwi Tcms » Version: 3.8.18.08.01

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.18.08.01
Kiwitcms » Kiwi Tcms » Version: 3.8.18.09

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.18.09
Kiwitcms » Kiwi Tcms » Version: 3.8.18.10

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.18.10
Kiwitcms » Kiwi Tcms » Version: 3.8.18.12

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.18.12
Kiwitcms » Kiwi Tcms » Version: 3.8.18.15

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.18.15
Kiwitcms » Kiwi Tcms » Version: 3.8.18.17

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.18.17
Kiwitcms » Kiwi Tcms » Version: 3.8.18.18

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.18.18
Kiwitcms » Kiwi Tcms » Version: 3.8.18.21

cpe:2.3:a:kiwitcms:kiwi_tcms:3.8.18.21
Kiwitcms » Kiwi Tcms » Version: 4.0.0

cpe:2.3:a:kiwitcms:kiwi_tcms:4.0.0
Kiwitcms » Kiwi Tcms » Version: 4.1

cpe:2.3:a:kiwitcms:kiwi_tcms:4.1
Kiwitcms » Kiwi Tcms » Version: 4.1.0

cpe:2.3:a:kiwitcms:kiwi_tcms:4.1.0
Kiwitcms » Kiwi Tcms » Version: 4.1.1

cpe:2.3:a:kiwitcms:kiwi_tcms:4.1.1
Kiwitcms » Kiwi Tcms » Version: 4.1.2

cpe:2.3:a:kiwitcms:kiwi_tcms:4.1.2
Kiwitcms » Kiwi Tcms » Version: 4.1.3

cpe:2.3:a:kiwitcms:kiwi_tcms:4.1.3
Kiwitcms » Kiwi Tcms » Version: 4.1.4

cpe:2.3:a:kiwitcms:kiwi_tcms:4.1.4
Kiwitcms » Kiwi Tcms » Version: 4.2

cpe:2.3:a:kiwitcms:kiwi_tcms:4.2
Kiwitcms » Kiwi Tcms » Version: 5.0

cpe:2.3:a:kiwitcms:kiwi_tcms:5.0
Kiwitcms » Kiwi Tcms » Version: 5.1

cpe:2.3:a:kiwitcms:kiwi_tcms:5.1
Kiwitcms » Kiwi Tcms » Version: 5.2

cpe:2.3:a:kiwitcms:kiwi_tcms:5.2
Kiwitcms » Kiwi Tcms » Version: 5.3

cpe:2.3:a:kiwitcms:kiwi_tcms:5.3
Kiwitcms » Kiwi Tcms » Version: 5.3.1

cpe:2.3:a:kiwitcms:kiwi_tcms:5.3.1
Kiwitcms » Kiwi Tcms » Version: 6.0

cpe:2.3:a:kiwitcms:kiwi_tcms:6.0
Kiwitcms » Kiwi Tcms » Version: 6.0.1

cpe:2.3:a:kiwitcms:kiwi_tcms:6.0.1
Kiwitcms » Kiwi Tcms » Version: 6.1

cpe:2.3:a:kiwitcms:kiwi_tcms:6.1
Kiwitcms » Kiwi Tcms » Version: 6.1.1

cpe:2.3:a:kiwitcms:kiwi_tcms:6.1.1
Kiwitcms » Kiwi Tcms » Version: 6.10

cpe:2.3:a:kiwitcms:kiwi_tcms:6.10
Kiwitcms » Kiwi Tcms » Version: 6.11

cpe:2.3:a:kiwitcms:kiwi_tcms:6.11
Kiwitcms » Kiwi Tcms » Version: 6.2

cpe:2.3:a:kiwitcms:kiwi_tcms:6.2
Kiwitcms » Kiwi Tcms » Version: 6.2.1

cpe:2.3:a:kiwitcms:kiwi_tcms:6.2.1
Kiwitcms » Kiwi Tcms » Version: 6.3

cpe:2.3:a:kiwitcms:kiwi_tcms:6.3
Kiwitcms » Kiwi Tcms » Version: 6.4

cpe:2.3:a:kiwitcms:kiwi_tcms:6.4
Kiwitcms » Kiwi Tcms » Version: 6.5

cpe:2.3:a:kiwitcms:kiwi_tcms:6.5
Kiwitcms » Kiwi Tcms » Version: 6.5.1

cpe:2.3:a:kiwitcms:kiwi_tcms:6.5.1
Kiwitcms » Kiwi Tcms » Version: 6.5.2

cpe:2.3:a:kiwitcms:kiwi_tcms:6.5.2
Kiwitcms » Kiwi Tcms » Version: 6.5.3

cpe:2.3:a:kiwitcms:kiwi_tcms:6.5.3
Kiwitcms » Kiwi Tcms » Version: 6.6

cpe:2.3:a:kiwitcms:kiwi_tcms:6.6
Kiwitcms » Kiwi Tcms » Version: 6.7

cpe:2.3:a:kiwitcms:kiwi_tcms:6.7
Kiwitcms » Kiwi Tcms » Version: 6.8

cpe:2.3:a:kiwitcms:kiwi_tcms:6.8
Kiwitcms » Kiwi Tcms » Version: 6.9

cpe:2.3:a:kiwitcms:kiwi_tcms:6.9
Kiwitcms » Kiwi Tcms » Version: 7.0

cpe:2.3:a:kiwitcms:kiwi_tcms:7.0
Kiwitcms » Kiwi Tcms » Version: 7.1

cpe:2.3:a:kiwitcms:kiwi_tcms:7.1
Kiwitcms » Kiwi Tcms » Version: 7.2

cpe:2.3:a:kiwitcms:kiwi_tcms:7.2
Kiwitcms » Kiwi Tcms » Version: 7.2.1

cpe:2.3:a:kiwitcms:kiwi_tcms:7.2.1
Kiwitcms » Kiwi Tcms » Version: 7.3

cpe:2.3:a:kiwitcms:kiwi_tcms:7.3
Kiwitcms » Kiwi Tcms » Version: 8.0

cpe:2.3:a:kiwitcms:kiwi_tcms:8.0
Kiwitcms » Kiwi Tcms » Version: 8.1

cpe:2.3:a:kiwitcms:kiwi_tcms:8.1
Kiwitcms » Kiwi Tcms » Version: 8.2

cpe:2.3:a:kiwitcms:kiwi_tcms:8.2
Kiwitcms » Kiwi Tcms » Version: 8.3

cpe:2.3:a:kiwitcms:kiwi_tcms:8.3
Kiwitcms » Kiwi Tcms » Version: 8.4

cpe:2.3:a:kiwitcms:kiwi_tcms:8.4
Kiwitcms » Kiwi Tcms » Version: 8.5

cpe:2.3:a:kiwitcms:kiwi_tcms:8.5
Kiwitcms » Kiwi Tcms » Version: 8.6

cpe:2.3:a:kiwitcms:kiwi_tcms:8.6
Kiwitcms » Kiwi Tcms » Version: 8.6.1

cpe:2.3:a:kiwitcms:kiwi_tcms:8.6.1
Kiwitcms » Kiwi Tcms » Version: 8.7

cpe:2.3:a:kiwitcms:kiwi_tcms:8.7
Kiwitcms » Kiwi Tcms » Version: 8.8

cpe:2.3:a:kiwitcms:kiwi_tcms:8.8
Kiwitcms » Kiwi Tcms » Version: 8.9

cpe:2.3:a:kiwitcms:kiwi_tcms:8.9
Kiwitcms » Kiwi Tcms » Version: 9.0

cpe:2.3:a:kiwitcms:kiwi_tcms:9.0
Kiwitcms » Kiwi Tcms » Version: 9.0.1

cpe:2.3:a:kiwitcms:kiwi_tcms:9.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-25171

Products

Pricing

Contact Us