Password Aging with Long Expiration

CVE-2023-1976

High

8.8/10

Summary

Password Aging with Long Expiration in the package github.com/answerdev/answer versions prior to 1.0.6. This issue has the same fix as CVE-2023-1537, CVE-2023-1538 and CVE-2023-1539.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-263 - Password Aging with Long Expiration

Allowing password aging to occur unchecked can result in the possibility of diminished password integrity.

References

Advisory
Disclosure

Advisory Timeline

Published Apr 11, 2023

Password Aging with Long Expiration

CVE-2023-1976

Summary

CWE-263 - Password Aging with Long Expiration

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS