nvd-json-data-feeds/CVE-2019/CVE-2019-102xx/CVE-2019-10270.json

{
  "id": "CVE-2019-10270",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2019-06-21T18:15:09.577",
  "lastModified": "2023-04-17T16:44:47.110",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "An arbitrary password reset issue was discovered in the Ultimate Member plugin 2.39 for WordPress. It is possible (due to lack of verification and correlation between the reset password key sent by mail and the user_id parameter) to reset the password of another user. One only needs to know the user_id, which is publicly available. One just has to intercept the password modification request and modify user_id. It is possible to modify the passwords for any users or admin WordPress Ultimate Members. This could lead to account compromise and privilege escalation."
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 un problema de restablecimiento de contrase\u00f1a arbitrario en el plugin Member  versi\u00f3n 2.39 de Ultimate para WordPress. Es posible restablecer la contrase\u00f1a de otro usuario (debido a la falta de comprobaci\u00f3n y correlaci\u00f3n entre la clave de restablecimiento de la contrase\u00f1a enviada por correo y el par\u00e1metro user_id). Solo se necesita conocer el user_id, que est\u00e1 disponible p\u00fablicamente. Solo hay que interceptar la solicitud de modificaci\u00f3n de contrase\u00f1a y modificar el ID de usuario. Es posible modificar las contrase\u00f1as de cualquier usuario o administrador de WordPress Ultimate Members. Esto podr\u00eda conllevar a comprometer la cuenta y la escalada de privilegios."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-640"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:*",
              "versionEndExcluding": "2.0.40",
              "matchCriteriaId": "A0451A41-7BA3-42DA-A431-52551BC7C4EE"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://cxsecurity.com/issue/WLB-2019060101",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    }
  ]
}