{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T08:01:55.904","vulnerabilities":[{"cve":{"id":"CVE-2020-15149","sourceIdentifier":"security-advisories@github.com","published":"2020-08-20T01:17:12.337","lastModified":"2024-11-21T05:04:56.843","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"NodeBB before version 1.14.3 has a bug introduced in version 1.12.2 in the validation logic that makes it possible to change the password of any user on a running NodeBB forum by sending a specially crafted socket.io call to the server. This could lead to a privilege escalation event via an account takeover. As a workaround you may cherry-pick the following commit from the project's repository to your running instance of NodeBB: 16cee1b03ba3eee177834a1fdac4aa8a12b39d2a. This is fixed in version 1.14.3."},{"lang":"es","value":"NodeBB versiones anteriores a 1.14.3, presenta un error introducido en la versión 1.12.2 en la lógica de comprobación que hace posible cambiar la contraseña de cualquier usuario en un foro NodeBB en ejecución mediante el envío de una llamada socket.io especialmente diseñada al servidor. Esto podría conllevar a un evento de escalada de privilegios debido a una toma de control de la cuenta. Como solución alternativa, puede seleccionar la siguiente confirmación del repositorio del proyecto en su instancia en ejecución de NodeBB: 16cee1b03ba3eee177834a1fdac4aa8a12b39d2a. 
Esto es corregido en la versión 1.14.3."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":3.1,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":3.1,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nodebb:nodebb:*:*:*:*:*:*:*:*","versionStartIncluding":"1.12.2","versionEndExcluding":"1.14.3","matchCriteriaId":"1A40F1AF-6D61-48FD-84F1-68578FF119C1"}]}]}],"references":[{"url":"http://packetstormsecurity.co
m/files/159560/NodeBB-Forum-1.14.2-Account-Takeover.html","source":"security-advisories@github.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/NodeBB/NodeBB/commit/c2477d9d5ffc43e5ffeb537ea2ceb4ce9592aa39","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/NodeBB/NodeBB/security/advisories/GHSA-hr66-c8pg-5mg7","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://zeroauth.ltd/blog/2020/08/20/proof-of-concept-exploit-for-cve-2020-15149-nodebb-arbitrary-user-password-change/","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/159560/NodeBB-Forum-1.14.2-Account-Takeover.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/NodeBB/NodeBB/commit/c2477d9d5ffc43e5ffeb537ea2ceb4ce9592aa39","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/NodeBB/NodeBB/security/advisories/GHSA-hr66-c8pg-5mg7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://zeroauth.ltd/blog/2020/08/20/proof-of-concept-exploit-for-cve-2020-15149-nodebb-arbitrary-user-password-change/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}