CVE-2023-36487:

0.0 CVSS

Description

The password reset function in ILIAS 7.0_beta1 through 7.20 and 8.0_beta1 through 8.1 allows remote attackers to take over the account.

Classification

CVE ID: CVE-2023-36487

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.61% (probability of being exploited)

EPSS Percentile: 78.8% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://docu.ilias.de/ilias.php?ref_id=1719&obj_id=141694&obj_type=PageObject&cmd=layout&cmdClass=illmpresentationgui&cmdNode=13g&baseClass=ilLMPresentationGUI
https://docu.ilias.de/ilias.php?ref_id=1719&obj_id=141703&obj_type=PageObject&cmd=layout&cmdClass=illmpresentationgui&cmdNode=13g&baseClass=ilLMPresentationGUI

Timeline

2024-11-27 14:41:10 UTC
CVE