Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-7j9h-3jxf-3vrf: Denial of service vulnerability on Password reset page

Impact

Previous versions of Kiwi TCMS do not impose rate limits which makes it easier to attempt denial-of-service attacks against the Password reset page. An attacker could potentially send a large number of emails if they know the email addresses of users in Kiwi TCMS. Additionally that may strain SMTP resources.

Patches

Users should upgrade to v12.0 or later.

Workarounds

Users may install and configure a rate-limiting proxy in front of Kiwi TCMS such as Nginx and/or configure rate limits on their email server when possible.

References

Disclosed by Ahmed Rabeaa Mosaa

ghsa
#vulnerability#dos#git#nginx

Package

pip kiwitcms (pip)

Affected versions

< 12.0

Patched versions

12.0

Description

Impact

Previous versions of Kiwi TCMS do not impose rate limits which makes it easier to attempt denial-of-service attacks against the Password reset page. An attacker could potentially send a large number of emails if they know the email addresses of users in Kiwi TCMS. Additionally that may strain SMTP resources.

Patches

Users should upgrade to v12.0 or later.

Workarounds

Users may install and configure a rate-limiting proxy in front of Kiwi TCMS such as Nginx and/or configure rate limits on their email server when possible.

References

Disclosed by Ahmed Rabeaa Mosaa

References

  • GHSA-7j9h-3jxf-3vrf
  • https://nvd.nist.gov/vuln/detail/CVE-2023-25171
  • https://huntr.dev/bounties/3b712cb6-3fa3-4f71-8562-7a7016c6262e
  • https://kiwitcms.org/blog/kiwi-tcms-team/2023/02/15/kiwi-tcms-120/
  • kiwitcms/Kiwi@761305d

Last updated

Feb 15, 2023

Reviewed

Feb 15, 2023

Published to the GitHub Advisory Database

Feb 15, 2023

Published by the National Vulnerability Database

Feb 15, 2023

atodorov published to kiwitcms/Kiwi

Feb 15, 2023

Related news

CVE-2023-25171: Denial of service vulnerability on Password reset page

Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt denial-of-service attacks against the Password reset page. An attacker could potentially send a large number of emails if they know the email addresses of users in Kiwi TCMS. Additionally that may strain SMTP resources. Users should upgrade to v12.0 or later to receive a patch. As potential workarounds, users may install and configure a rate-limiting proxy in front of Kiwi TCMS and/or configure rate limits on their email server when possible.