Weak policy at Change password function in kromitgmbh/titra
Valid
Reported on Jun 13th 2022
Description
We can register a normal account with a password of >= 8 characters, but we can change the password to just 1 character when we use the change password function.
Proof of Concept
https://drive.google.com/file/d/1D-IDqrMiaBGLnZaZY9L3u-S4u-MoGxPc/view?usp=sharing
Impact
When users change their password to one that is too simple, an attacker can easily guess the password and access the account.
We are processing your report and will contact the kromitgmbh/titra team within 24 hours.
a year ago
We have contacted a member of the kromitgmbh/titra team and are waiting to hear back.
a year ago
If the maintainer is happy to proceed with a CVE, we will assign and publish one on their behalf.
@maintainer?
The fix bounty has been dropped
This vulnerability will not receive a CVE
I am okay with a CVE but the vulnerability has just been fixed in the latest version of titra (0.78.1).
Sorted 👍
@maintainer - it is good and standard practice to publish CVEs, especially after they have been fixed :)