Vulnerability in Silverpeas Password Change Function Allows Bypass of Complexity Requirements
CVE-2024-42850

Currently unrated

Key Information:

Vendor: Silverpeas
Status: Silverpeas
Vendor: CVE Published:; 16 August 2024

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 19%

What is CVE-2024-42850?

An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-42850
Created by njmbb8

References

http://silverpeas.com

https://github.com/njmbb8/CVE-2024-42850

EPSS Score

19% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Aug 16, 2024
👾
Exploit known to exist
Aug 16, 2024
Vulnerability published
Aug 16, 2024