CVE-2019-19844
Django < 3.0 < 2.2 < 1.11 - Account Hijack
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.)
Django versiones anteriores a 1.11.27, versiones 2.x anteriores a 2.2.9 y versiones 3.x anteriores a 3.0.1, permite tomar el control de la cuenta. Una dirección de correo electrónico diseñada adecuadamente (que es igual a la dirección de correo electrónico de un usuario existente después de la transformación de mayúsculas y minúsculas de los caracteres Unicode) permitiría a un atacante enviarle un token de restablecimiento de contraseña para la cuenta de usuario coincidente. (Una mitigación en las nuevas versiones es enviar tokens de restablecimiento de contraseña solo a la dirección de correo electrónico del usuario registrado).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-12-17 CVE Reserved
- 2019-12-18 CVE Published
- 2019-12-24 First Exploit
- 2024-08-05 CVE Updated
- 2024-08-14 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-640: Weak Password Recovery Mechanism for Forgotten Password
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html | X_refsource_misc |
|
| https://groups.google.com/forum/#%21topic/django-announce/3oaB2rVH3a0 | X_refsource_misc | |
| https://seclists.org/bugtraq/2020/Jan/9 | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20200110-0003 | X_refsource_confirm |
|
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/47879 | 2019-12-24 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Djangoproject Search vendor "Djangoproject" | Django Search vendor "Djangoproject" for product "Django" | < 1.11.27 Search vendor "Djangoproject" for product "Django" and version " < 1.11.27" | - |
Affected
| ||||||
| Djangoproject Search vendor "Djangoproject" | Django Search vendor "Djangoproject" for product "Django" | >= 2.2 < 2.2.9 Search vendor "Djangoproject" for product "Django" and version " >= 2.2 < 2.2.9" | - |
Affected
| ||||||
| Djangoproject Search vendor "Djangoproject" | Django Search vendor "Djangoproject" for product "Django" | 3.0 Search vendor "Djangoproject" for product "Django" and version "3.0" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 19.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "19.04" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 19.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "19.10" | - |
Affected
| ||||||