Brute Force Vulnerability in phpIPAM version 1.5.1 Allows Attackers to Bypass IP Block Mechanism and Perform Brute Force Attacks on User Accounts
CVE-2024-0787
5.9MEDIUM
Key Information:
- Vendor
- PHPipam
- Status
- PHPipam/PHPipam
- Vendor
- CVE Published:
- 15 November 2024
Summary
phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. The issue lies in the 'get_user_ip()' function in 'class.Common.php' at lines 1044 and 1045, where the presence of the 'X-Forwarded-For' header is checked and used instead of 'REMOTE_ADDR'. This vulnerability allows attackers to perform brute force attacks on user accounts, including the admin account. The issue is fixed in version 1.7.0.
Affected Version(s)
phpipam/phpipam < 1.7.0
References
CVSS V3.1
Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved