CVE-2006-4247: Plone allows anonymous users to reset any users password through the web via Password Reset Tool
CVSS Score (v3.1): 9.1
Basic Information

Field | Value |
---|---|
CVE ID | CVE-2006-4247 |
GHSA ID | |
EPSS Score | 0.55558% |
CWE | - |
Published | 5/1/2022 |
Updated | 11/26/2024 |
KEV Status | No |
Technology | Python |
Technical Details
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
Plone | pip | >= 2.5, < 2.5.1 | 2.5.1 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from an erroneous security declaration in the Password Reset Tool. Since the core issue allows anonymous password resets, the most likely candidate is the password reset initiation function, requestReset(). In Plone's architecture, security is typically enforced via Zope security declarations (@security.private, permissions). The absence of proper access controls on this critical function would directly enable unauthorized password resets. While the exact code isn't available, the pattern matches Plone's security model and the described attack vector.