Vulnerability in Silverpeas Password Change Function Allows Bypass of Complexity Requirements
CVE-2024-42850

Currently unrated

Key Information:

Vendor

Silverpeas

Vendor
CVE Published:
16 August 2024

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 18%

What is CVE-2024-42850?

An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-42850
Created by njmbb8

References

http://silverpeas.com
https://github.com/njmbb8/CVE-2024-42850

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

.
CVE-2024-42850 : Vulnerability in Silverpeas Password Change Function Allows Bypass of Complexity Requirements