CVE-2025-46389
Awaiting Analysis
Awaiting Analysis - Queue
BaseFortify
Publication date: 2025-08-06
Last updated on: 2025-08-06
Assigner: Israel National Cyber Directorate
Description
Description
CWE-620: Unverified Password Change
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-620 | When setting a new password for a user, the product does not require knowledge of the original password, or using another form of authentication. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an unverified password change issue (CWE-620), meaning that the system allows password changes without properly verifying the identity of the requester, potentially enabling unauthorized users to change passwords.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized password changes, which may result in attackers gaining control over user accounts or systems, causing integrity issues without affecting confidentiality or availability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70