CVE-2009-5025

High

A backdoor (aka BMSA-2009-07) was found in PyForum v1.0.3 where an attacker who knows a valid user email could force a password reset on…

redhat·CWE-640·Published 2020-01-15

CVSS

7.5

EPSS

0.02

KEV

Exploits

cve.orgen

157 chars

A backdoor (aka BMSA-2009-07) was found in PyForum v1.0.3 where an attacker who knows a valid user email could force a password reset on behalf of that user.

NVDen

157 chars

A backdoor (aka BMSA-2009-07) was found in PyForum v1.0.3 where an attacker who knows a valid user email could force a password reset on behalf of that user.

Se encontró un backdoor (también se conoce como BMSA-2009-07) en PyForum versión v1.0.3, donde un atacante que conoce un correo electrónico de un usuario válido podría forzar un restablecimiento de contraseña en nombre de ese usuario.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N