CVE-2011-1035

EUVD-2011-1051
The password reset in PivotX before 2.2.4 allows remote attackers to modify the passwords of arbitrary users via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
Affected Products (NVD)
VendorProductVersion
pivotxpivotx
𝑥
≤ 2.2.3
pivotxpivotx
2.1.0
pivotxpivotx
2.1.1
pivotxpivotx
2.1.2
pivotxpivotx
2.2.0
pivotxpivotx
2.2.0:b1
pivotxpivotx
2.2.0:b2
pivotxpivotx
2.2.0:rc
pivotxpivotx
2.2.1
pivotxpivotx
2.2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://blog.pivotx.net/2011-02-16/pivotx-225-released
http://forum.pivotx.net/viewtopic.php?f=2&t=1961
http://forum.pivotx.net/viewtopic.php?f=2&t=1967
http://forum.pivotx.net/viewtopic.php?p=10639#p10639
http://osvdb.org/70935
http://secunia.com/advisories/43417
http://www.kb.cert.org/vuls/id/175068
http://www.securityfocus.com/bid/46463
http://www.vupen.com/english/advisories/2011/0445
https://exchange.xforce.ibmcloud.com/vulnerabilities/65539
http://blog.pivotx.net/2011-02-16/pivotx-225-released
http://forum.pivotx.net/viewtopic.php?f=2&t=1961
http://forum.pivotx.net/viewtopic.php?f=2&t=1967
http://forum.pivotx.net/viewtopic.php?p=10639#p10639
http://osvdb.org/70935
http://secunia.com/advisories/43417
http://www.kb.cert.org/vuls/id/175068
http://www.securityfocus.com/bid/46463
http://www.vupen.com/english/advisories/2011/0445
https://exchange.xforce.ibmcloud.com/vulnerabilities/65539