{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-29T09:24:11.102","vulnerabilities":[{"cve":{"id":"CVE-2018-16529","sourceIdentifier":"psirt@forcepoint.com","published":"2019-03-28T17:29:00.257","lastModified":"2026-06-17T01:44:26.597","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the URL has already been used to reset a password."},{"lang":"es","value":"Se ha descubierto una vulnerabilidad de restablecimiento de contraseña en Forcepoint Email Security 8.5.x. La URL de restablecimiento de contraseña puede utilizarse después del periodo de expiración intencionado o después de que la contraseña se haya utilizado para restablecer una contraseña."}],"affected":[{"source":"psirt@forcepoint.com","affectedData":[{"vendor":"Forcepoint","product":"Forcepoint Email Security","versions":[{"version":"8.5.x","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@forcepoint.com","type":"Secondary","description":[{"lang":"en","value":"CWE-640"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-640"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:forcepoint:email_security:*:*:*:*:*:*:*:*","versionStartIncluding":"8.5.0","versionEndIncluding":"8.5.3","matchCriteriaId":"F059F008-0779-4226-950F-E3DC20E39A30"}]}]}],"references":[{"url":"https://help.forcepoint.com/security/CVE/CVE-2018-16529.html","source":"psirt@forcepoint.com","tags":["Vendor Advisory"]},{"url":"https://seclists.org/fulldisclosure/2018/Nov/23","source":"psirt@forcepoint.com","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://help.forcepoint.com/security/CVE/CVE-2018-16529.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://seclists.org/fulldisclosure/2018/Nov/23","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]}]}}]}