CVE-2022-26872

Password reset interception via API

CVSS 8.3 HIGH | EPSS 0.8% | CWE-640
In short

A flaw in AMI Megarac's API allows attackers to intercept password reset requests, potentially gaining unauthorized access to accounts. The API does not adequately protect the password reset process, which leaves it open to interception attacks.

Technical detail

The API endpoint that handles password reset operations in AMI Megarac does not adequately protect requests against interception, so an attacker could capture or manipulate password reset tokens or credentials in transit. Exploiting this vulnerability requires network-level access or a man-in-the-middle position; successful exploitation results in account takeover.

Summary generated and translated by AI from the official description.
AMI Megarac Password reset interception via API

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
